7149 matches found

CNNVD, added 2026/04/17 12:00 a.m., 4 views

OpenHarness security vulnerability

OpenHarness is an open-source lightweight development and runtime framework from Data Intelligence Lab@HKU. OpenHarness has a security vulnerability that stems from the lack of target address validation in the webFetch and webSearch tools. This vulnerability may lead to server-side...

CVSS 8.3, AI score 5.8, EPSS 0.00034
Exploits: 1, References: 1
CNNVD, added 2026/04/17 12:00 a.m., 5 views

TinyFileManager security vulnerability

TinyFileManager is a web-based file manager developed by Prasathmani. It allows files and folders to be stored, uploaded, edited and managed online through a web browser. TinyFileManager versions 2.6 and earlier contain security vulnerabilities; these vulnerabilities stem from...

CVSS 6.5, AI score 6.6, EPSS 0.00014
Exploits: 0, References: 1
Positive Technologies, added 2026/04/17 12:00 a.m., 1 view

PT-2026-33454

Name of the vulnerable software and affected versions: Craftql versions prior to 1.3.8
Description: Server-Side Request Forgery (SSRF) allows an attacker to execute arbitrary code via the 'vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php' file.
Recommendations: Update to a version newer...

CVSS 6.9, AI score 6.1, EPSS 0.00023
Exploits: 0, References: 7
CNNVD, added 2026/04/17 12:00 a.m., 6 views

craftql security vulnerability

Craftql is a server, developed by the individual developer Mark Huot, that provides a GraphQL interface for Craft CMS. Craftql versions 1.3.7 and earlier contain security vulnerabilities. These vulnerabilities stem from server-side request forgery in the...

CVSS 7.5, AI score 6, EPSS 0.00023
Exploits: 0, References: 2
CNNVD, added 2026/04/17 12:00 a.m., 9 views

Neo4j MCP Clients & Servers security vulnerability

Neo4j MCP Clients & Servers is an open-source set of Model Context Protocol (MCP) clients and servers developed by Neo4j Contrib for supplying context to large language models. Versions of Neo4j MCP Clients & Servers prior to 0.6.0 contain security vulnerabilities. These vulnerabilities stem from a read-only mode where the...

CVSS 2.3, AI score 5.8, EPSS 0.0005
Exploits: 0, References: 2
CVE, added 2026/04/17 12:00 a.m., 4 views

CVE-2026-31317

CVE-2026-31317 affects Craftql v1.3.7 and earlier. The root cause is a Server-Side Request Forgery (SSRF) vulnerability in vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php, which can allow an attacker to execute arbitrary code. Public references consistently describe SSRF as the imp...

CVSS 7.5, AI score 6.1, EPSS 0.00023
Exploits: 0, References: 3
ATTACKERKB, added 2026/04/17 12:00 a.m., 4 views

CVE-2026-31317

Craftql v1.3.7 and before is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to execute arbitrary code via the vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php file...

AI score 6.1, EPSS 0.00023
Exploits: 0, References: 4
Positive Technologies, added 2026/04/17 12:00 a.m., 3 views

PT-2026-33439

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the pipe and upload an arbitrary XML or JSON file, which will be processed by the name...

CVSS 6.9, AI score 5.7, EPSS 0.00019
Exploits: 0, References: 3
Positive Technologies, added 2026/04/17 12:00 a.m., 2 views

PT-2026-33464

Name of the vulnerable software and affected versions: OpenHarness versions prior to commit bd4df81
Description: An issue exists in the 'web fetch' and 'web search' tools where target addresses are not properly validated. This allows attackers to manipulate tool parameters to access private and...

CVSS 8.3, AI score 5.8, EPSS 0.00034
Exploits: 1, References: 6
SUSE CVE, added 2026/04/16 11:28 p.m., 2 views

SUSE CVE-2026-34244

Weblate is a web-based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...

CVSS 5, AI score 5.8, EPSS 0.00011
Exploits: 0, References: 3
Snyk, added 2026/04/16 11:00 p.m., 2 views

Server-side Request Forgery (SSRF)

Overview: langchain-openai is an integration package connecting OpenAI and LangChain. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the image token counting urltosize function. An attacker can access internal network resources by exploiting a DNS...

CVSS 3.1, AI score 5.8, EPSS 0.00026
Exploits: 0, References: 2
OSV, added 2026/04/16 11:00 p.m., 3 views

GHSA-R7W7-9XR2-QQ2R langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding

Summary: langchain-openai's urltosize helper, used by getnumtokensfrommessages for image token counting, validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS resolution. This left a TOCTOU / DNS rebinding window: an attacker-controlled hostnam...

CVSS 3.1, AI score 5.8, EPSS 0.00026
Exploits: 0, References: 4
IBM Security Bulletins, added 2026/04/16 10:34 p.m., 6 views

Security Bulletin: Multiple Vulnerabilities in IBM Aspera Faspex

Summary: Multiple vulnerabilities were addressed in IBM Aspera Faspex 5.0.15.1.
Vulnerability details: CVEID: CVE-2025-62718. DESCRIPTION: Axios is a promise-based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking...

CVSS 9.9, AI score 7.3, EPSS 0.00069
Exploits: 6, Affected software: 6
Snyk, added 2026/04/16 9:51 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview: flowise-components is the Flowiseai components package. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the secureAxiosRequest and secureFetch functions. An attacker can gain unauthorized access to internal services and potentially exfiltrate sensitive data ...

CVSS 7.6, AI score 5.8, EPSS 0.00083
Exploits: 1, References: 3
OSV, added 2026/04/16 9:51 p.m., 0 views

GHSA-2X8M-83VC-6WV4 Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Summary: The core security wrappers secureAxiosRequest and secureFetch, intended to prevent Server-Side Request Forgery (SSRF), contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS rebinding (time-of-check/time-of-use) or by exploiting the default configuratio...

CVSS 7.1, AI score 5.8, EPSS 0.00083
Exploits: 1, References: 3
Github Security Blog, added 2026/04/16 9:51 p.m., 5 views

Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Summary: The core security wrappers secureAxiosRequest and secureFetch, intended to prevent Server-Side Request Forgery (SSRF), contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS rebinding (time-of-check/time-of-use) or by exploiting the default configuratio...

CVSS 7.1, AI score 5.8, EPSS 0.00083
Exploits: 1, References: 3, Affected software: 2
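The langchain-openai and Flowise entries above describe the same defect: the hostname is validated in one lookup and then handed to an HTTP client that resolves it again, so a rebinding DNS server can answer with a public address at check time and an internal one at use time. The example below is added here and is not code from langchain-openai, Flowise or any other project in this list. It shows the fix a practitioner would want: resolve once, reject the URL if any answer is non-public (including IPv4-mapped IPv6 spellings and cloud metadata link-local space), and connect to the validated IP while keeping the original hostname for SNI and the Host header. The resolver is injectable; make_rebinding_resolver, the hostname rebind.example and the public address 93.184.216.34 are constructed stand-ins so the comparison runs offline.

```python
# Added example (not code from langchain-openai, Flowise or any other project
# listed above): resolve once, validate every answer, connect to the pinned IP.
import http.client
import ipaddress
import socket
import ssl
from dataclasses import dataclass
from typing import Callable, List
from urllib.parse import urlsplit

Resolver = Callable[[str], List[str]]
DEFAULT_PORTS = {"http": 80, "https": 443}

def system_resolver(hostname: str) -> List[str]:
    """Every A/AAAA answer the OS resolver returns for hostname."""
    infos = socket.getaddrinfo(hostname, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def is_public_address(ip: str) -> bool:
    """False for loopback, RFC 1918, link-local (cloud metadata), CGNAT,
    multicast and reserved space, including IPv4-mapped IPv6 spellings."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global and not addr.is_multicast

@dataclass(frozen=True)
class PinnedTarget:
    scheme: str
    hostname: str
    ip: str
    port: int
    path: str

def pin_target(url: str, resolve: Resolver = system_resolver) -> PinnedTarget:
    """Time of check: one lookup; reject if *any* answer is non-public (a
    split answer of one public plus one internal address is a classic bypass).
    The validated IP is returned so the caller connects to exactly that."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"unsupported URL: {url}")
    hostname = parts.hostname
    try:
        ipaddress.ip_address(hostname)       # literal IP: no lookup needed
        answers = [hostname]
    except ValueError:
        answers = resolve(hostname)
    if not answers:
        raise ValueError(f"{hostname} did not resolve")
    for ip in answers:
        if not is_public_address(ip):
            raise ValueError(f"{hostname} resolves to non-public address {ip}")
    port = parts.port or DEFAULT_PORTS[parts.scheme]
    path = (parts.path or "/") + (f"?{parts.query}" if parts.query else "")
    return PinnedTarget(parts.scheme, hostname, answers[0], port, path)

def naive_connect_ip(url: str, resolve: Resolver = system_resolver) -> str:
    """The vulnerable pattern, for comparison: validate on one lookup, then
    return the address an HTTP client would use after its own second lookup."""
    hostname = urlsplit(url).hostname
    for ip in resolve(hostname):             # time of check
        if not is_public_address(ip):
            raise ValueError(f"blocked {ip}")
    return resolve(hostname)[0]              # time of use: re-resolved

def fetch_pinned(target: PinnedTarget, timeout: float = 5.0) -> bytes:
    """Time of use: TCP-connect to the pinned IP, keep the hostname for SNI
    and the Host header. Redirects are not followed; each hop must be re-pinned."""
    sock = socket.create_connection((target.ip, target.port), timeout=timeout)
    if target.scheme == "https":
        ctx = ssl.create_default_context()
        sock = ctx.wrap_socket(sock, server_hostname=target.hostname)
    conn = http.client.HTTPConnection(target.hostname, target.port, timeout=timeout)
    conn.sock = sock                         # pre-connected socket, no new lookup
    conn.request("GET", target.path)         # Host header is built from hostname
    resp = conn.getresponse()
    if 300 <= resp.status < 400:
        raise ValueError(f"redirect to {resp.getheader('Location')!r} not followed")
    return resp.read()

def make_rebinding_resolver(public_ip: str = "93.184.216.34",
                            internal_ip: str = "127.0.0.1") -> Resolver:
    """Constructed stand-in for an attacker's rebinding DNS server: a public
    answer on the first lookup, an internal one on every later lookup."""
    calls = {"n": 0}

    def resolve(hostname: str) -> List[str]:
        calls["n"] += 1
        return [public_ip] if calls["n"] == 1 else [internal_ip]

    return resolve

if __name__ == "__main__":
    url = "http://rebind.example/internal"   # hypothetical attacker hostname
    print("naive pattern connects to:", naive_connect_ip(url, make_rebinding_resolver()))
    print("pinned pattern connects to:", pin_target(url, make_rebinding_resolver()).ip)
```

Run as a script, the naive pattern ends up at 127.0.0.1 while the pinned pattern stays on the address it validated. Two design points carry over to any language: the deny check has to run on the resolved addresses rather than on the hostname string, and the HTTP layer must be handed a socket (or an IP plus a hostname for SNI/Host) rather than a URL it will resolve itself. Redirects are rejected here on purpose; a client that follows them must run pin_target again on the Location value.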
Github Security Blog, added 2026/04/16 9:50 p.m., 4 views

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary: A Server-Side Request Forgery (SSRF) protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for the axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

CVSS 8.3, AI score 6, EPSS 0.00083
Exploits: 1, References: 3, Affected software: 2
Snyk, added 2026/04/16 9:50 p.m., 2 views

Server-side Request Forgery (SSRF)

Overview: flowise is the Flowiseai server package. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) through the getHttpDenyList process in httpSecurity.ts. An attacker can reach internal or otherwise denied HTTP endpoints by supplying requests that rely on the HTTP deny li...

CVSS 8.3, AI score 5.7, EPSS 0.00083
Exploits: 1, References: 2
Snyk, added 2026/04/16 9:38 p.m., 0 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the jwksUri field of the RequestAuthentication resource. An attacker can access internal network resources by specifying a URL pointing to an internal service, causing the system to make unauthenticat...

CVSS 7.7, AI score 5.8, EPSS 0.00031
Exploits: 0, References: 2
Snyk, added 2026/04/16 9:38 p.m., 4 views

Server-side Request Forgery (SSRF)

Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the jwksUri field of the RequestAuthentication resource. An attacker can access internal network resources by specifying a URL pointing to an internal service, causing the system to make unauthenticat...

CVSS 7.7, AI score 5.8, EPSS 0.00031
Exploits: 0, References: 2