Lucene search
K

10760 matches found

Positive Technologies
Positive Technologies
added 2026/02/16 12:0 a.m.6 views

PT-2026-8388

Name of the Vulnerable Software and Affected Versions Rocket TRUfusion Enterprise versions through 7.10.5 Description Rocket TRUfusion Enterprise through version 7.10.5 has a path traversal issue in the WsPortalV6UpDwAxis2Impl service, accessible via the API endpoint...

9.9CVSS6.2AI score0.01027EPSS
Exploits1References17
NVD
NVD
added 2026/02/13 7:17 p.m.8 views

CVE-2026-25991

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, there is a Blind Server-Side Request Forgery SSRF vulnerability in the Cookmate recipe import feature of Tandoor Recipes. The application fails to validate the destination URL afte...

7.7CVSS0.00283EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/12 8:34 p.m.3 views

CVE-2026-26005

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

5CVSS5.6AI score0.00233EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/12 8:34 p.m.32 views

CVE-2026-26005 ClipBucket v5 enables internal network scans via an SSRF vulnerability

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - 45, in Clip Bucket V5, The Remote Play allows creating video entries that reference external video URLs without uploading the video files to the server. However, by specifying an internal network host in the video URL, an SS...

5CVSS0.00233EPSS
Exploits1References2
CVE
CVE
added 2026/02/11 9:11 p.m.25 views

CVE-2026-26019

CVE-2026-26019 affects the LangChain JS library (@langchain/community) before version 1.1.14, specifically the RecursiveUrlLoader. The cause is insufficient URL origin validation: it relied on String.startsWith() to compare URLs, failing to validate semantic origin and permitting crawling of atta...

4.1CVSS5.4AI score0.00371EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 11:34 a.m.3 views

CVE-2025-12073 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions, could have allowed an authenticated user to perform server-side request forgery against internal services by bypassing...

4.3CVSS5.5AI score0.00226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.5 views

PT-2026-21972

Name of the Vulnerable Software and Affected Versions LangChain versions prior to 1.1.18 @langchain/community versions prior to 1.1.18 Description A redirect-based Server-Side Request Forgery SSRF bypass exists in the RecursiveUrlLoader within the @langchain/community package. The loader initiall...

7.4CVSS8.2AI score0.00206EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2026/02/10 9:51 p.m.2 views

CVE-2026-26013 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.2.11, the ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Reque...

3.7CVSS5.7AI score0.00379EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/10 1:23 p.m.7 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

5.8CVSS5.6AI score0.00165EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.9 views

PT-2026-7474

Name of the Vulnerable Software and Affected Versions DoraCMS versions prior to 3.1 Description The software contains a server-side request forgery SSRF issue in its UEditor remote image fetch functionality. The application takes user-provided URLs and makes server-side HTTP or HTTPS requests...

6.9CVSS5.7AI score0.00298EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/02/09 8:35 p.m.8 views

Craft CMS Vulnerable to SSRF in GraphQL Asset Mutation via HTTP Redirect

Summary The saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypass all SSRF protections by hosting a redirect that points to cloud metadata endpoints or any internal IP addresses. ---...

6.9CVSS5.6AI score0.00359EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/09 7:41 p.m.5 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/09 7:41 p.m.27 views

CVE-2026-25494 Craft has a SSRF in GraphQL Asset Mutation via Alternative IP Notation

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation uses filtervar..., FILTERVALIDATEIP to block a specific list of IP addresses. However, alternative IP notations hexadecimal, mixed are not...

6.9CVSS0.00359EPSS
Exploits1References3
CVE
CVE
added 2026/02/09 7:41 p.m.14 views

CVE-2026-25494

Craft CMS versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21 are affected by a vulnerability in the saveAsset GraphQL mutation, where filter_var(..., FILTER_VALIDATE_IP) blocks a defined IP list but fails to recognize hexadecimal or mixed notations, allowing bypass of the blocklist t...

6.9CVSS5.5AI score0.00359EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/09 7:36 p.m.5 views

CVE-2026-25493

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypa...

6.9CVSS5.6AI score0.00359EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/09 9:30 a.m.3 views

GHSA-6FGP-M6Q4-J3Q5 MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access

Impact Server-Side Request Forgery SSRF: A security vulnerability exists in the mcp-run-python tool specifically within the Pydantic-AI integration due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...

5.8CVSS6.2AI score0.00165EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/09 9:30 a.m.6 views

MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access

Impact Server-Side Request Forgery SSRF: A security vulnerability exists in the mcp-run-python tool specifically within the Pydantic-AI integration due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...

5.8CVSS6AI score0.00165EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/09 9:16 a.m.16 views

CVE-2026-25904

The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...

5.8CVSS0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/06 9:19 p.m.4 views

CVE-2026-25123

Homarr is an open-source dashboard. Prior to 1.52.0, a public unauthenticated tRPC endpoint widget.app.ping accepts an arbitrary url and performs a server-side request to that URL. This allows an unauthenticated attacker to trigger outbound HTTP requests from the Homarr server, enabling SSRF...

5.3CVSS5.7AI score0.00264EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/02/06 9:19 p.m.5 views

EUVD-2026-5564

Homarr is an open-source dashboard. Prior to 1.52.0, a public unauthenticated tRPC endpoint widget.app.ping accepts an arbitrary url and performs a server-side request to that URL. This allows an unauthenticated attacker to trigger outbound HTTP requests from the Homarr server, enabling SSRF...

5.3CVSS5.7AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder