PT-2026-41471

A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of the component test-hass Endpoint. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has be...

CAAL 代码问题漏洞

CAAL is a self-hosted voice assistant developed by CoreWorxLab, ensuring data and keys are secure. Versions of CAAL 1.6.0 and earlier contain code vulnerabilities. These vulnerabilities stem from unknown functions in the src/caal/webhooks.py file within the test-hass endpoint, which involve...

Vercel AI SDK 代码问题漏洞

Vercel AI SDK is a JavaScript SDK developed by Vercel that supports the integration of large language models, streaming responses, and AI application development. Versions of Vercel AI 3.0.97 and earlier contain code vulnerabilities. These vulnerabilities stem from the validateDownloadUrl functio...

PT-2026-41587

Name of the Vulnerable Software and Affected Versions vercel ai versions prior to 3.0.98 Description A server-side request forgery SSRF issue exists in the provider-utils component. The flaw is located in the validateDownloadUrl function within the packages/provider-utils/src/download-blob.ts fil...

Server-Side Request Forgery

github.com/quantumnous/new-api, is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to incomplete SSRF protection that fails to block the unspecified address 0.0.0.0, allowing authenticated users to bypass private-IP filtering and force the server to make requests to...

Server-Side Request Forgery

Arcane is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the /api/templates/fetch endpoint accepting a user-controlled url parameter and performing server-side HTTP requests without authentication or validation of the URL scheme and destination host, allowing...

Server-Side Request Forgery (SSRF)

FrontMCP is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to unsafe dereferencing of $ref pointers in OpenAPI specifications without URL restrictions, which allows an attacker to trigger requests to internal network resources or read local files through malicious OpenAP...

Improper Restriction Of Outbound Network Requests (SSRF)

Flowise is vulnerable to improper restriction of outbound network requests SSRF. The vulnerability is due to multiple tool implementations directly importing and invoking raw HTTP clients instead of using the secured wrapper, which allows an attacker to perform unauthorized server-side requests...

Server-Side Request Forgery

magicmirror is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation in the /cors endpoint, allowing unauthenticated attackers to force the server to make arbitrary HTTP requests to internal or external services, while environment variable expansion...

CVE-2026-45347

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is a blind server side request forgery SSRF via the PDF generate function. In the PDF export, user inputs are interpreted as HTML and embedded into the PDF. According to tests...

EUVD-2026-30667

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery SSRF vulnerability exists in processpictureurl in backend/openwebui/utils/oauth.py line 1338. The function fetches arbitrary URLs from OAuth picture...

CVE-2026-45338

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery SSRF vulnerability exists in processpictureurl in backend/openwebui/utils/oauth.py line 1338. The function fetches arbitrary URLs from OAuth picture...

CVE-2026-45338

Open WebUI CVE-2026-45338 describes an SSRF in _process_picture_url() (oauth.py) where the server fetches URLs from OAuth picture claims without validate_url(), enabling requests to internal resources and exfiltration of the full response. Affected software before the fix: Open WebUI prior to ver...

CVE-2026-45400

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing difference between the urlparse and requests libraries led to an SSRF bypass vulnerability. This vulnerability is fixed in 0.9.5...

CVE-2026-45347

CVE-2026-45347 concerns Open WebUI, a self-hosted offline AI platform. The vulnerability is a blind server-side request forgery (SSRF) via the PDF generate function, where user inputs embedded in the PDF are processed as HTML. Tests show most dangerous tags (e.g., iframe, object) are blocked, but...

CVE-2026-45347

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.11, there is a blind server side request forgery SSRF via the PDF generate function. In the PDF export, user inputs are interpreted as HTML and embedded into the PDF. According to tests...

CVE-2026-45400

CVE-2026-45400 relates to Open WebUI SSRF bypass in validate_url caused by a mismatch between urlparse and requests hostname handling. Before version 0.9.5, URLs like http://127.0.0.1:[email protected] could pass validation because hostname parsing treated the public IP (1.1.1.1) as the target, while ...

CVE-2026-45400 Open WebUI: Server-Side Request Forgery (SSRF) bypass in `validate_url`

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, a parsing difference between the urlparse and requests libraries led to an SSRF bypass vulnerability. This vulnerability is fixed in 0.9.5...

CVE-2026-45401 Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validateurl function in backend/openwebui/retrieval/web/utils.py only validates the initial URL submitted by the caller. The HTTP clients used downstream sync requests, async...

CVE-2021-47958 CouchCMS 2.2.1 Server-Side Request Forgery via SVG upload

CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Attackers can upload SVG files containing external entity references through the browse.php endpoint to access internal service...