7164 matches found
WordPress Performance Monitor plugin <= 1.0.6 - Unauthenticated Blind SSRF vulnerability
Unauthenticated Blind SSRF vulnerability discovered by Afshin Shekaari in WordPress Plugin Performance Monitor versions = 1.0.6...
PT-2026-29541
Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated user to perform server-side request forgery SSRF, potentially leading to information disclosure, via a crafted API request. This issue affects Server: from 2026.1.1 through...
Official Clerk JavaScript SDKs 代码问题漏洞
The Official Clerk JavaScript SDKs are an open-source repository for Clerk authentication purposes. These SDKs have code-related vulnerabilities. The vulnerability stems from the clerkFrontendApiProxy function in @clerk/backend, which involves server-side request forgeing. This could allow...
PT-2026-29594
Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.79.1 Description A Server-Side Request Forgery SSRF vulnerability exists in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the server to make...
Medium: runfinch-finch
Issue Overview: Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.5, Fulcio's metaRegex function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services...
Cisco Nexus Dashboard和Cisco Nexus Dashboard Insights 代码问题漏洞
Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights are products of Cisco, a US-based company. Cisco Nexus Dashboard is a single console that simplifies the operation and management of data center networks. Cisco Nexus Dashboard Insights is a platform for operational analysis and fault...
Payload 代码问题漏洞
Payload is an open-source Headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Versions of Payload prior to 3.79.1 contained code vulnerabilities due to insufficient validation in the upload functionality, which could lead to server-side request forgeing...
PT-2026-29481
A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to...
Server-side Request Forgery (SSRF)
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via improper handling of IPv6 special-use address ranges in the src/shared/net/ip.ts and src/infra/net/ssrf. components. An attacker can access internal o...
GHSA-G86V-F9QV-RH6M OpenClaw SSRF guard misses four IPv6 special-use ranges
Summary The SSRF/IP classifier treated several IPv6 special-use ranges as public and allowed fetches to proceed. Impact An attacker who controlled a fetched URL could target internal or non-routable IPv6 addresses that should have been blocked by the SSRF guard. Affected Component...
SUSE CVE-2026-4789
Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...
GHSA-PQHR-MP3F-HRPP Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
Server-side Request Forgery (SSRF)
Overview nuxt-og-image is an Enlightened OG Image generation for Nuxt. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via user-controlled parameters in the /og/d/ endpoint. An attacker can access internal network resources or sensitive data by injecting craft...
Nuxt OG Image vulnerable to Server-Side Request Forgery via user-controlled parameters
Product: Nuxt OG Image Version: injection via html parameter GET /og/d/og.png?html= When verbose errors are enabled, the response content is leaked in base64-encoded error messages. Vector 3: SVG injection via html parameter GET /og/d/og.png?html= Mitigation Fixed in v6.2.5. The image source plug...
CVE-2026-5126
A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function filegetcontents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...
CVE-2026-4789
Kyverno, versions 1.16.0 and later, are vulnerable to SSRF due to unrestricted CEL HTTP functions...
Server-side Request Forgery (SSRF)
Overview fastmcp is a The fast, Pythonic way to build MCP servers and clients. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the buildurl function. An attacker can access unauthorized internal backend endpoints and perform actions with elevated privileges...
CVE-2026-34367
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Invoice PDF generation module. User-supplied HTML in the invoice Notes field i...
CVE-2026-34740 AVideo: Stored SSRF via Video EPG Link Missing isSSRFSafeURL() Validation
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the EPG Electronic Program Guide link feature in AVideo allows authenticated users with upload permissions to store arbitrary URLs that the server fetches on every EPG page visit. The URL is validated only with PHP's...
CVE-2026-34365
InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0, a Server-Side Request Forgery SSRF vulnerability exists in the Estimate PDF generation module. User-supplied HTML in the estimate Notes field...