
7114 matches found

ATTACKERKB
added 2026/04/30 12:0 a.m., 1 view

CVE-2026-36757

A Server-Side Request Forgery (SSRF) in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

CVSS 4.3, AI score 5.2, EPSS 0.00032
Exploits: 0, References: 3

Vulnrichment
added 2026/04/30 12:0 a.m., 3 views

CVE-2026-36764

A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request...

AI score 5.2, EPSS 0.00032
Exploits: 0, References: 2

EUVD
added 2026/04/30 12:0 a.m., 5 views

EUVD-2026-26384

A Server-Side Request Forgery (SSRF) in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

CVSS 4.3, AI score 5.2, EPSS 0.00032
Exploits: 0, References: 2

Cvelist
added 2026/04/30 12:0 a.m., 23 views

CVE-2026-36757

A Server-Side Request Forgery (SSRF) in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

EPSS 0.00032
Exploits: 0, References: 2

Cvelist
added 2026/04/30 12:0 a.m., 28 views

CVE-2026-36756

A Server-Side Request Forgery (SSRF) in the /plugins/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

EPSS 0.00032
Exploits: 0, References: 2

CNNVD
added 2026/04/30 12:0 a.m., 6 views

Halo code issue vulnerability

Halo is a powerful and easy-to-use open-source website building tool developed by Halo. Version 2.22.14 of Halo contains a code vulnerability. This vulnerability stems from a server-side request forgery at the /plugins/name/upgrade-from-uri endpoint, which could allow authenticated attackers to...

CVSS 4.3, AI score 5.9, EPSS 0.00032
Exploits: 0, References: 1

CVE
added 2026/04/30 12:0 a.m., 6 views

CVE-2026-36764

CVE-2026-36764 describes a Server-Side Request Forgery (SSRF) in SpringBlade v4.8.0. The vulnerability occurs at the /ureport/datasource/testConnection endpoint and may allow authenticated users to scan internal resources by sending a crafted GET request. Documents confirm the affected product/ve...

CVSS 5, AI score 5.2, EPSS 0.00032
Exploits: 0, References: 2

Vulnrichment
added 2026/04/30 12:0 a.m., 2 views

CVE-2026-36758

A Server-Side Request Forgery (SSRF) in the /themes/-/install-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

AI score 5.2, EPSS 0.00032
Exploits: 0, References: 2

Github Security Blog
added 2026/04/29 10:26 p.m., 12 views

i18next-http-middleware has path traversal / SSRF via user-controlled language and namespace parameters

Summary: Versions of i18next-http-middleware prior to 3.9.3 pass the user-controlled lng and ns values from getResourcesHandler directly into i18next.services.backendConnector.load(languages, namespaces, …) without any sanitisation. Depending on which backend is configured, the unvalidated path...

CVSS 8.2, AI score 5.4, EPSS 0.0002
Exploits: 0, References: 4, Affected Software: 1

Github Security Blog
added 2026/04/29 10:19 p.m., 3 views

pygeoapi 0.23.x: Unauthenticated SSRF via OGC API - Processes Subscriber

Impact: OGC API - Process execution requests can use the subscriber object to send requests to internal HTTP services. Patches: The issue has been patched in master branch and made available as part of the 0.23.3 release. The patch disables any HTTP requests made to internal resources by default unless...

CVSS 8.6, AI score 5.5, EPSS 0.00021
Exploits: 0, References: 5, Affected Software: 1

NVD
added 2026/04/29 10:16 p.m., 2 views

CVE-2026-7417

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely...

CVSS 7.5, EPSS 0.00021
Exploits: 0, References: 6

Vulnrichment
added 2026/04/29 9:45 p.m., 3 views

CVE-2026-7417 Algovate xhs-mcp MCP mcp.server.ts xhs_publish_content server-side request forgery

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely...

CVSS 7.5, AI score 7, EPSS 0.00021
Exploits: 0, References: 6

ATTACKERKB
added 2026/04/29 9:45 p.m., 2 views

CVE-2026-7417

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely...

CVSS 7.5, AI score 7, EPSS 0.00021
Exploits: 0, References: 6, Affected Software: 1

CVE
added 2026/04/29 9:45 p.m., 10 views

CVE-2026-7417

The CVE-2026-7417 entry concerns Algovate xhs-mcp 0.8.11. It affects the MCP Interface’s xhs_publish_content in src/server/mcp.server.ts, where manipulating the media_paths argument enables server-side request forgery. The vulnerability is exploitable remotely with a public exploit (exploit code ...

CVSS 7.5, AI score 7.1, EPSS 0.00021
Exploits: 0, References: 6

Cvelist
added 2026/04/29 9:45 p.m., 27 views

CVE-2026-7417 Algovate xhs-mcp MCP mcp.server.ts xhs_publish_content server-side request forgery

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely...

CVSS 7.5, EPSS 0.00021
Exploits: 0, References: 6

Github Security Blog
added 2026/04/29 8:54 p.m., 2 views

Nginx-UI has Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware that Allows Access to Internal Services

Summary: An authenticated user can perform Server-Side Request Forgery (SSRF) by creating a cluster node pointing to an arbitrary internal URL and then sending API requests with the X-Node-ID header. The Proxy middleware forwards these requests to the attacker-specified internal address, bypassing...

CVSS 9.9, AI score 5.9, EPSS 0.00012
Exploits: 1, References: 3, Affected Software: 1

RedhatCVE
added 2026/04/29 8:48 p.m., 2 views

CVE-2026-41461

SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated remote attackers...

CVSS 8.5, AI score 5.6, EPSS 0.00051
Exploits: 1, References: 1

Github Security Blog
added 2026/04/29 8:22 p.m., 4 views

PhpSpreadsheet has SSRF/RCE in IOFactory::load when $filename is user controlled

The usage of is_file, used to verify if the $filename is indeed an actual file, by all? Reader implementations inside the helper function File::assertFile is php-wrapper aware, for any php wrappers implementing stat. The 3 wrappers ftp://, phar:// and ssh2.sftp://, all satisfy this requirement - 2...

CVSS 9.8, AI score 5.7, EPSS 0.00243
Exploits: 1, References: 4, Affected Software: 1

Snyk
added 2026/04/29 8:22 p.m., 3 views

Server-side Request Forgery (SSRF)

Overview: phpoffice/phpspreadsheet is a spreadsheet engine that reads, creates and writes spreadsheet documents in PHP. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the IOFactory::load process. An attacker can execute arbitrary code or initiate unauthorize...

CVSS 10, AI score 6.2, EPSS 0.00243
Exploits: 1, References: 3

NVD
added 2026/04/29 12:16 p.m., 2 views

CVE-2026-42641

Server-Side Request Forgery (SSRF) vulnerability in ILLID Share This Image share-this-image allows Server Side Request Forgery. This issue affects Share This Image: from n/a through <= 2.14...

CVSS 5.4, EPSS 0.00038
Exploits: 0, References: 1