CVE-2026-32096

Plunk (open-source email platform built on AWS SES) contains a Server-Side Request Forgery (SSRF) in the SNS webhook handler prior to version 0.7.0. An unauthenticated attacker could craft a request that forced the server to perform an outbound HTTP GET to any host reachable from the server. The ...

CVE-2026-31974 Blind SSRF on OpenProject instance via webhooks

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, OpenProject SMTP test endpoint POST /admin/settings/mailnotifications accepts arbitrary host and port values and exhibits measurable differences in response behaviour depending on whether the target IP exists a...

CVE-2026-31974 Blind SSRF on OpenProject instance via webhooks

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, OpenProject SMTP test endpoint POST /admin/settings/mailnotifications accepts arbitrary host and port values and exhibits measurable differences in response behaviour depending on whether the target IP exists a...

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery SSRF vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

CVE-2026-31959

CVE-2026-31959 (Quill) : Quill before v0.7.1 is vulnerable to SSRF in the notarization logs retrieval flow. The client fetches a URL provided by the Apple notarization service and currently does not validate that the URL uses https or that the host is safe (not local or multicast). An attacker wh...

CVE-2025-70027

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information...

CVE-2026-26801

Server-Side Request Forgery SSRF vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

CVE-2026-3588

A server-side request forgery SSRF vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request...

Server-side Request Forgery (SSRF)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. A high-privileged attacker could exploit this...

EUVD-2026-11053

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...

CVE-2026-21294

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...

CVE-2026-21293 Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...

CVE-2026-21293

CVE-2026-21293 affects Adobe Commerce (Magento) up to 2.4.9-alpha3 and earlier, with a Server-Side Request Forgery (SSRF) that could bypass security features. A high-privileged attacker can manipulate server-side requests to access unauthorized resources without user interaction. Root cause: SSRF...

CVE-2026-21293 Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...

CVE-2026-21294 Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)

Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate...

EUVD-2026-11325

Quill vulnerable to SSRF via unvalidated URL from Apple notarization log retrieval...

Server-side Request Forgery (SSRF)

Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the HTTP Node as it is used in AgentFlow and Chatflow. An attacker can access internal network resources, retrieve sensitive information, or modify and...

Server-side Request Forgery (SSRF)

Overview flowise-ui is a Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the HTTP Node as it is used in AgentFlow and Chatflow. An attacker can access internal network resources, retrieve sensitive information, or modify and delete data by supplying crafte...

Flowise affected by Server-Side Request Forgery (SSRF) in HTTP Node Leading to Internal Network Access

Description: Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges RFC 1918, localhost, or cloud metadata endpoints. This enables...