10760 matches found
EulerOS Virtualization 2.10.0 : python-pip (EulerOS-SA-2026-1194)
According to the versions of the python-pip packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests...
EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2026-1141)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a defect in the CPython 'tarfile' module affecting the 'TarFile' extraction and entry enumeration APIs. The tar...
CVE-2025-68662
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and...
NocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL Functionality
Summary A blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, the initial metadata request executes without validation. This allows limited...
CVE-2026-24767
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.0, a blind Server-Side Request Forgery SSRF vulnerability exists in the uploadViaURL functionality due to an unprotected HEAD request. While the subsequent file retrieval logic correctly enforces SSRF protections, t...
CVE-2025-68662
CVE-2025-68662 affects the Discourse platform. A hostname validation issue in the FinalDestination component in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 could allow bypassing SSRF protections under certain conditions. The issue is fixed in versions 3.5.4, 2025.11.2, 2025.12.1, ...
CVE-2025-68662 FinalDestination hostname matching allows SSRF protection bypass
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and...
CVE-2025-68662 FinalDestination hostname matching allows SSRF protection bypass
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and...
CVE-2025-68662 FinalDestination hostname matching allows SSRF protection bypass
Discourse is an open source discussion platform. In versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0, a hostname validation issue in FinalDestination could allow bypassing SSRF protections under certain conditions. This issue is patched in versions 3.5.4, 2025.11.2, 2025.12.1, and...
EUVD-2026-4711
vLLM vulnerable to Server-Side Request Forgery SSRF through MediaConnector...
Exploit for Server-Side Request Forgery in Microsoft
CTT-Exchange-RCE-v1.0---Microsoft-Exchange-Exploit-CVSS-10.0-C...
PT-2026-5058
Name of the Vulnerable Software and Affected Versions TableMaster for Elementor versions up to and including 1.3.6 Description The TableMaster for Elementor plugin for WordPress is susceptible to Server-Side Request Forgery. This occurs because the plugin does not limit the URLs that can be...
CVE-2026-24117
A Server-Side Request Forgery SSRF flaw has been discovered in the Rekor transparency log tool. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can...
CVE-2026-24400
AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine JVM. Starting in version 1.4.0 and prior to version 3.27.7, an XML External Entity XXE vulnerability exists in org.assertj.core.util.xml.XmlStringPrettyFormatter: the toXmlDocumentString method initializes...
Debian dla-4447 : libapache2-mod-php7.4 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4447 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4447-1 [email protected] https://www.debian.org/lts/security/...
EUVD-2026-4538
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
AZL-76542 CVE-2026-24117 affecting package gh 2.62.0-10
Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can trigger GET requests, the request cannot mutate...
CVE-2026-24117
CVE-2026-24117 affects Rekor, a software supply chain transparency log. In versions ≤ 1.4.3, the path /api/v1/index/retrieve accepts a user-provided URL to retrieve a public key, enabling Server-Side Request Forgery (SSRF) to internal services. SSRF is limited to GET requests and does not return ...
CVE-2026-24117
Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can trigger GET requests, the request cannot mutate...
CVE-2026-24360
Server-Side Request Forgery SSRF vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Server Side Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through = 3.14.1...