Lucene search
+L

92 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/12 9:42 p.m.5 views

CVE-2026-26075

FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. need to initiate data acquisition requests from the server, there are certain security issues. In addition to implementing internal network isolation in the deployment environment...

6.9CVSS5.5AI score0.00101EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

GitLab 代码问题漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. There are code-related vulnerabilities in versions of GitLab EE prior t...

5.4CVSS5.9AI score0.00164EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/14 10:14 a.m.6 views

CVE-2026-0532

External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially crafted credentials JSON payload in the Google Gemini connector configuration. This requires an attacker to have authenticate...

8.6CVSS5.8AI score0.00417EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2025/11/05 7:15 a.m.5 views

CVE-2025-12388

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...

6.4CVSS0.0021EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/09 6:58 p.m.3 views

CVE-2025-59146 New API has Authenticated Server-Side Request Forgery (SSRF) issue

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. An authenticated Server-Side Request Forgery SSRF vulnerability exists in versions prior to 0.9.0.5. A feature within the application allows authenticated users to submit a URL for the server to...

8.5CVSS6.3AI score0.00225EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2007-0104

Malware in sbrugna...

10CVSS6.4AI score0.01839EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-21360

Malware in sbrugna...

5.3CVSS5.3AI score0.15254EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-18849

Malware in sbrugna...

6.4CVSS6.5AI score0.00827EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2007-3425

Malware in sbrugna...

6.4CVSS6.3AI score0.02159EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-30698

Malicious code in bioql PyPI...

4.4CVSS6.5AI score0.00236EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-32209

Malicious code in bioql PyPI...

1.8CVSS6.6AI score0.00172EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5060

Malicious code in bioql PyPI...

6.6AI score
Exploits0References3
NVD
NVD
added 2025/10/02 8:15 p.m.4 views

CVE-2025-54087

CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrative privileges can publish a crafted test HTTP request originating from the Secure Access server. The attack complexity is high, there are no attack requirements, and...

2.6CVSS0.00172EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.10 views

The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, allows attackers to perform SRF attacks.

The vulnerability in the web interface for managing software tools used to create reports for Cisco Unified Intelligence Center, as well as for multimedia and distributed contact centers like Cisco Unified Contact Center Enterprise, stems from forged requests at the server side, resulting from...

5.8CVSS5.6AI score0.00323EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/07/07 5:15 a.m.7 views

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

7.3CVSS0.00265EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/07 4:52 a.m.13 views

CVE-2025-53473

Server-side request forgery SSRF vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers...

7.3CVSS0.00265EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.8 views

CVE-2022-28090

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

6.5CVSS7.3AI score0.01032EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:42 a.m.7 views

php: Configuring a proxy in a stream context might allow for CRLF injection in URIs

A flaw was found in PHP. In affected versions of PHP, when using streams with configured proxy and "requestfulluri" option, the URI is not properly sanitized, which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the...

7.2CVSS5.8AI score0.01132EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/09 3:24 p.m.12 views

CVE-2025-47484

Server-Side Request Forgery SSRF vulnerability in Oliver Campion Display Remote Posts Block display-remote-posts-block allows Server Side Request Forgery.This issue affects Display Remote Posts Block: from n/a through = 1.1.0...

6.4CVSS7.2AI score0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/25 4:42 a.m.5 views

CVE-2024-10207 Server-Side Request Forgery (authenticated) in APROL Web Portal

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL 4.4-00P5 may allow an authenticated network-based attacker to force the web server to request arbitrary URLs...

5.3CVSS7.1AI score0.0033EPSS
Exploits0References1
Rows per page
Query Builder