PT-2026-20913

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 4.4.9 Description SPIP versions before 4.4.9 contain a Blind Server-Side Request Forgery SSRF issue related to syndicated sites within the private area. The application does not validate the syndication URL when editing ...

Linux Distros Unpatched Vulnerability : CVE-2026-21428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF...

PT-2026-1030

Name of the Vulnerable Software and Affected Versions go-sonic versions up to 1.1.4 Description A server-side request forgery issue exists in the Theme Fetching API of go-sonic. The flaw is located in the FetchTheme function within the service/theme/git fetcher.go file. Manipulation of the uri...

CVE-2025-34469

Cowrie versions prior to 2.9.0 contain a server-side request forgery SSRF vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVE-2025-34469

CVE-2025-34469 affects Cowrie before 2.9.0. In emulated shell mode, the wget and curl commands perform real outbound HTTP requests, enabling unauthenticated attackers to generate unbounded traffic to arbitrary targets. This SSRF can turn the Cowrie honeypot into a denial-of-service amplification ...

CVE-2025-34469 Cowrie < 2.9.0 Unrestricted wget/curl Emulation Enables SSRF-Based DDoS Amplification

Cowrie versions prior to 2.9.0 contain a server-side request forgery SSRF vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVE-2025-34469 Cowrie < 2.9.0 Unrestricted wget/curl Emulation Enables SSRF-Based DDoS Amplification

Cowrie versions prior to 2.9.0 contain a server-side request forgery SSRF vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no...

CVE-2025-15264

A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an unknown function of the file frontend/web/timthumb.php of the component TimThumb. Executing manipulation of the argument src can lead to server-side request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-62088

Server-Side Request Forgery SSRF vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site wpscraper allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through = 1.0.7...

EUVD-2025-206023

Server-Side Request Forgery SSRF vulnerability in extendons WordPress & WooCommerce Scraper Plugin, Import Data from Any Site allows Server Side Request Forgery.This issue affects WordPress & WooCommerce Scraper Plugin, Import Data from Any Site: from n/a through 1.0.7...

CVE-2025-62088

CVE-2025-62088 is an SSRF vulnerability in the WordPress & WooCommerce Scraper Plugin, Import Data from Any WebSite (

CVE-2025-59138 WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Jthemes Genemy genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through = 1.6.6...

CVE-2025-59138 WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Jthemes Genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through 1.6.6...

EUVD-2025-205997

Server-Side Request Forgery SSRF vulnerability in Jthemes Genemy allows Server Side Request Forgery.This issue affects Genemy: from n/a through 1.6.6...

CVE-2025-59138

CVE-2025-59138 is reported for Genemy, the WordPress theme/landing-page builder, alleging a Server-Side Request Forgery (SSRF) in Genemy

WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability

Software : Genemy Type : Theme Vulnerable versions : = 1.6.6 OWASP Top 10 : A10: Server-Side Request Forgery SSRF Classification : Server Side Request Forgery SSRF CVE ID : CVE-2025-59138 Patchstack priority : Low CVSS severity : 4.9 Required privilege : Subscriber Developer : Claim ownership PSI...

CVE-2025-69014

Server-Side Request Forgery SSRF vulnerability in Youzify Youzify youzify allows Server Side Request Forgery.This issue affects Youzify: from n/a through = 1.3.7...

EUVD-2025-205875

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be use...

CVE-2025-15373

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be use...

CVE-2025-15373

A security vulnerability has been detected in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be use...