
7316 matches found

Source: OSV, added 2026/02/25 7:08 p.m., 4 views

GHSA-3C45-4PJ5-CH7M changedetection.io is Vulnerable to SSRF via Watch URLs

Summary Changedetection.io is vulnerable to Server-Side Request Forgery SSRF because the URL validation function issafevalidurl does not validate the resolved IP address of watch URLs against private, loopback, or link-local address ranges. An authenticated user or any user when no password is...

CVSS 8.6 | AI score 5.8 | EPSS 0.00445
Exploits: 1 | References: 4

Source: OSV, added 2026/02/25 6:57 p.m., 1 view

GHSA-H39H-7CVG-Q7J6 AVideo has Authenticated Server-Side Request Forgery via downloadURL in aVideoEncoder.json.php

Vulnerability Type Authenticated Server-Side Request Forgery SSRF Affected Product/Versions AVideo versions prior to 22 tested on AVideo 21.x. Root Cause Summary The aVideoEncoder.json.php API endpoint accepts a downloadURL parameter and fetches the referenced resource server-side without proper...

CVSS 8.6 | AI score 5.7 | EPSS 0.00235
Exploits: 0 | References: 5

Source: Cvelist, added 2026/02/25 6:53 p.m., 21 views

CVE-2026-24005 OpenKruise PodProbeMarker is Vulnerable to SSRF via Unrestricted Host Field

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since...

EPSS 0.00285
Exploits: 1 | References: 4

Source: Vulnrichment, added 2026/02/25 6:53 p.m., 3 views

CVE-2026-24005 OpenKruise PodProbeMarker is Vulnerable to SSRF via Unrestricted Host Field

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since...

AI score 6 | EPSS 0.00285
Exploits: 1 | References: 4

Source: ATTACKERKB, added 2026/02/25 6:53 p.m., 2 views

CVE-2026-24005

Kruise provides automated management of large-scale applications on Kubernetes. Prior to versions 1.8.3 and 1.7.5, PodProbeMarker allows defining custom probes with TCPSocket or HTTPGet handlers. The webhook validation does not restrict the Host field in these probe configurations. Since...

CVSS 7.6 | AI score 5.9 | EPSS 0.00285
Exploits: 1 | References: 5 | Affected software: 1

Source: Snyk, added 2026/02/25 6:30 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the PodProbeMarker component. An attacker can access internal network resources, perform port scanning, and retrieve response feedback by specifying arbitrary values in the host field of probe...

CVSS 7.6 | AI score 6 | EPSS 0.00285
Exploits: 1 | References: 2

Source: NVD, added 2026/02/25 6:23 p.m., 11 views

CVE-2026-27739

The Angular SSR is a server-side rendering tool for Angular applications. Versions prior to 21.2.0-rc.1, 21.1.5, 20.3.17, and 19.2.21 have a Server-Side Request Forgery SSRF vulnerability in the Angular SSR request handling pipeline. The vulnerability exists because Angular’s internal URL...

CVSS 9.2 | EPSS 0.00497
Exploits: 1 | References: 4

Source: CVE, added 2026/02/25 5:30 p.m., 19 views

CVE-2026-27795

CVE-2026-27795 concerns the LangChain JS community loader (RecursiveUrlLoader in @langchain/community). Prior to version 1.1.8, it could bypass SSRF protections by allowing automatic redirects after validating the initial URL, enabling a transition from a safe public URL to an internal/metadata e...

CVSS 7.4 | AI score 8 | EPSS 0.00206
Exploits: 0 | References: 7 | Affected software: 1

Source: Vulnrichment, added 2026/02/25 5:30 p.m., 2 views

CVE-2026-27795 LangChain Community: redirect chaining can lead to SSRF bypass via RecursiveUrlLoader

LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-based Server-Side Request Forgery SSRF bypass exists in RecursiveUrlLoader in @langchain/community. The loader validates the initial URL but allows the underlying fetch to follow redirects...

CVSS 4.1 | AI score 5.5 | EPSS 0.00206
Exploits: 0 | References: 7

Source: OSV, added 2026/02/25 5:30 p.m., 8 views

CVE-2026-27795 LangChain Community: redirect chaining can lead to SSRF bypass via RecursiveUrlLoader

LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-based Server-Side Request Forgery SSRF bypass exists in RecursiveUrlLoader in @langchain/community. The loader validates the initial URL but allows the underlying fetch to follow redirects...

CVSS 4.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 9

Source: OSV, added 2026/02/25 5:25 p.m., 6 views

CVE-2026-3189

A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the argument url can lead to server-side request forgery. The attack can be executed remotely. Attacks ...

CVSS 3.1 | AI score 5.6
Exploits: 0 | References: 7

Source: CVE, added 2026/02/25 4:02 p.m., 10 views

CVE-2026-3189

Feiyuchuixue sz-boot-parent up to 1.3.2-beta contains a server-side request forgery (SSRF) via the url parameter in the /api/admin/common/files/download endpoint. The issue can be exploited remotely and stems from inadequate validation; upgrade to 1.3.3-beta. The patch aefaabfd7527188bfba3c8c9eee...

CVSS 3.1 | AI score 5 | EPSS 0.00212
Exploits: 0 | References: 7

Source: Vulnrichment, added 2026/02/25 4:02 p.m., 4 views

CVE-2026-3189 feiyuchuixue sz-boot-parent download server-side request forgery

A weakness has been identified in feiyuchuixue sz-boot-parent up to 1.3.2-beta. This vulnerability affects unknown code of the file /api/admin/common/files/download. Executing a manipulation of the argument url can lead to server-side request forgery. The attack can be executed remotely. Attacks ...

CVSS 3.1 | AI score 5 | EPSS 0.00212
Exploits: 0 | References: 7

Source: CVE, added 2026/02/25 3:56 p.m., 14 views

CVE-2026-27706

Plane is an open-source project management tool. Before version 1.2.2, there is a full Read Server-Side Request Forgery (SSRF) in the "Add Link" feature. An authenticated user with general privileges could issue arbitrary GET requests to internal networks and exfiltrate the full response body, po...

CVSS 7.7 | AI score 5.6 | EPSS 0.00213
Exploits: 0 | References: 2 | Affected software: 1

Source: Cvelist, added 2026/02/25 3:56 p.m., 29 views

CVE-2026-27706 Plane Vulnerable to Full Read SSRF via Favicon Fetching in "Add Link" Feature

Plane is an open-source project management tool. Prior to version 1.2.2, a Full Read Server-Side Request Forgery SSRF vulnerability has been identified in the "Add Link" feature. This flaw allows an authenticated attacker with general user privileges to send arbitrary GET requests to the...

CVSS 7.7 | EPSS 0.00213
Exploits: 0 | References: 2

Source: OSV, added 2026/02/25 3:37 p.m., 3 views

CVE-2026-27730 esm.sh has SSRF localhost/private-network bypass in `/http(s)` module route

esm.sh is a no-build content delivery network CDN for web development. Versions up to and including 137 have an SSRF vulnerability CWE-918 in esm.sh’s /https fetch route. The service tries to block localhost/internal targets, but the validation is based on hostname string checks and can be bypass...

CVSS 8.6 | AI score 5.6 | EPSS 0.00339
Exploits: 1 | References: 3

Source: Cvelist, added 2026/02/25 3:32 p.m., 20 views

CVE-2025-50180 esm.sh is vulnerable to full-response SSRF

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7 | EPSS 0.00381
Exploits: 1 | References: 6

Source: Vulnrichment, added 2026/02/25 3:32 p.m., 4 views

CVE-2025-50180 esm.sh is vulnerable to full-response SSRF

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7 | AI score 5.9 | EPSS 0.00381
Exploits: 1 | References: 6

Source: ATTACKERKB, added 2026/02/25 3:32 p.m., 4 views

CVE-2025-50180

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7 | AI score 5.4 | EPSS 0.00381
Exploits: 1 | References: 7

Source: OSV, added 2026/02/25 3:32 p.m., 8 views

CVE-2025-50180 esm.sh is vulnerable to full-response SSRF

esm.sh is a no-build content delivery network CDN for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7 | AI score 5.5 | EPSS 0.00381
Exploits: 1 | References: 8