647 matches found

CVE
added 2026/04/23 7:16 p.m., 12 views

CVE-2026-41272

Affected product : Flowise (and its Flowise components). Vulnerability : SSRF protection bypass in the core wrappers secureAxiosRequest and secureFetch prior to 3.1.0, allowing bypass of allow/deny lists via DNS rebinding (TOCTOU) or by using the default/insecure configuration. Impact : potential...

CVSS 7.1 | AI score 5.8 | EPSS 0.00232
Exploits: 1 | References: 1 | Affected Software: 1

Microsoft CVE
added 2026/04/23 2:00 p.m., 4 views

Microsoft Purview eDiscovery Elevation of Privilege Vulnerability

Server-side request forgery (SSRF) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network...

CVSS 10 | AI score 5.8 | EPSS 0.00566
Exploits: 0

Tenable Nessus
added 2026/04/23 12:00 a.m., 9 views

Oracle HTTP Server (April 2026 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and...

CVSS 8.7 | AI score 6.7 | EPSS 0.015
Exploits: 3 | References: 15

Vulnrichment
added 2026/04/22 9:09 p.m., 6 views

CVE-2026-41455 WeKan < 8.35 SSRF via Webhook URL

WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the URL scheme field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs to internal network...

CVSS 8.5 | AI score 6 | EPSS 0.00236
Exploits: 0 | References: 3

EUVD
added 2026/04/22 3:31 p.m., 4 views

EUVD-2026-24953

An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1; 5.2.1 is used in guardsix 7.9.0.0. A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source,...

CVSS 8.5 | AI score 5.7 | EPSS 0.00213
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/22 12:00 a.m., 6 views

PT-2026-34563

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the RestoreController.PostRestoreJob endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" HttpClient...

CVSS 8.5 | AI score 5.9 | EPSS 0.00238
Exploits: 0 | References: 4

EUVD
added 2026/04/21 11:36 p.m., 2 views

EUVD-2026-24571

Craft CMS is a content management system (CMS). In versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14, the resource-js endpoint in Craft CMS allows unauthenticated requests to proxy remote JavaScript resources. When trustedHosts is not explicitly restricted default...

CVSS 7 | AI score 5.9 | EPSS 0.0026
Exploits: 0 | References: 2

RedhatCVE
added 2026/04/21 10:11 a.m., 3 views

CVE-2026-35587

A flaw was found in Glances, an open-source system monitoring tool. An attacker with the ability to modify the Glances configuration can exploit a Server-Side Request Forgery (SSRF) vulnerability. This flaw, caused by improper validation of the public_api configuration parameter, allows the attacker...

CVSS 8.8 | AI score 5.9 | EPSS 0.00396
Exploits: 1 | References: 2

Positive Technologies
added 2026/04/21 12:00 a.m., 3 views

PT-2026-34220

Craft CMS is a content management system (CMS). Versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14 are vulnerable to Server-Side Request Forgery. The exploitation requires a few permissions to be enabled in the used GraphQL schema: "Edit assets in the volume" and "Create...

CVSS 7 | AI score 5.7 | EPSS 0.00275
Exploits: 0 | References: 5

CNNVD
added 2026/04/21 12:00 a.m., 7 views

Bagisto code issue vulnerability

Bagisto is an open-source e-commerce framework developed by Webkul Software in India. Versions of Bagisto 2.3.15 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the copy function in the Downloadable Link Handler component, which could lead to...

CVSS 6.5 | AI score 6.7 | EPSS 0.00201
Exploits: 0 | References: 2

Cvelist
added 2026/04/20 4:45 a.m., 27 views

CVE-2026-6606 modelscope agentscope _agent_base.py _process_audio_block server-side request forgery

A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...

CVSS 7.5 | EPSS 0.00284
Exploits: 0 | References: 4

CVE
added 2026/04/20 4:30 a.m., 11 views

CVE-2026-6605

Scope: modelscope agentscope up to 1.0.18. Affected component: Internal Service, file src/agentscope/_utils/_common.py, function _get_bytes_from_web_url. Description indicates a server-side request forgery vulnerability caused by a manipulation of this function. Attack could be performed remotely...

CVSS 7.5 | AI score 6.7 | EPSS 0.00326
Exploits: 0 | References: 4

Cvelist
added 2026/04/20 4:15 a.m., 31 views

CVE-2026-6604 modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openai_audio_to_text of the file src/agentscope/tool/multimodality/_openai_tools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

CVSS 7.5 | EPSS 0.00284
Exploits: 0 | References: 4

Positive Technologies
added 2026/04/20 12:00 a.m., 10 views

PT-2026-33847

Name of the vulnerable software and affected versions: LMDeploy versions prior to 0.12.3. Description: A Server-Side Request Forgery (SSRF) issue exists in the vision-language module of LMDeploy, a toolkit for compressing, deploying, and serving large language models. The load image and encode image...

CVSS 7.5 | AI score 6.3 | EPSS 0.4525
Exploits: 2 | References: 74

CNNVD
added 2026/04/20 12:00 a.m., 7 views

glances code issue vulnerability

Glances is a system monitoring tool developed by Nicolas Hennion. Versions of Glances prior to 4.5.4 contained code vulnerabilities. These vulnerabilities stemmed from improper validation of the public_api configuration parameter by the IP plugin, which could lead to server-side request forgery and...

CVSS 8.8 | AI score 5.9 | EPSS 0.00396
Exploits: 1 | References: 2

CNNVD
added 2026/04/20 12:00 a.m., 21 views

dify security vulnerability

dify is an open-source LLM application development platform developed by LangGenius. Versions of dify prior to 1.13.3 have security vulnerabilities. These vulnerabilities stem from improper handling of parameters in the parse_openai_plugin_json_to_tool_bundle function of the ApiBasedToolSchemaParser...

CVSS 6.5 | AI score 6.6 | EPSS 0.00206
Exploits: 0 | References: 1

Cvelist
added 2026/04/19 12:45 p.m., 28 views

CVE-2026-6573 PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery

A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...

CVSS 6.5 | EPSS 0.00258
Exploits: 0 | References: 4

Github Security Blog
added 2026/04/17 10:18 p.m., 7 views

OpenClaw: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets

Summary: CDP /json/version WebSocket URL could pivot to untrusted second-hop targets. Affected packages / versions: package openclaw, ecosystem npm, affected versions = 2026.4.5. Impact: A browser profile could trust a CDP /json/version response whose webSocketDebuggerUrl pointed at a differen...

CVSS 7.7 | AI score 5.7 | EPSS 0.00265
Exploits: 0 | References: 6 | Affected Software: 1

Github Security Blog
added 2026/04/17 10:01 p.m., 9 views

OpenClaw: Browser tabs action select and close routes bypassed SSRF policy

Summary: Browser tabs action select and close routes bypassed SSRF policy. Affected packages / versions: package openclaw, ecosystem npm, affected versions = 2026.4.10. Impact: The browser /tabs/action select and close branches could operate on targets without enforcing configured browser SSRF...

CVSS 8.5 | AI score 5.7 | EPSS 0.00242
Exploits: 0 | References: 7 | Affected Software: 1

NVD
added 2026/04/17 5:17 p.m., 1 view

CVE-2026-40516

OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the webfetch and websearch tools that allows attackers to access private and localhost HTTP services by manipulating tool parameters without proper validation of target addresses. Attackers can influence an...

CVSS 8.3 | EPSS 0.0018
Exploits: 1 | References: 3