1445 matches found
Universal Tool Calling Protocol 代码问题漏洞
Universal Tool Calling Protocol is an official Python implementation of the UTCP open-source protocol. Versions of Universal Tool Calling Protocol prior to 1.1.2 had code vulnerabilities. These vulnerabilities stemmed from the @utcp/http package’s blind SRFI vulnerability. The registerManual...
CVE-2026-45061
Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...
CVE-2026-48153
Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codebase uses. The Joi schema for the OAuth2 URL has no...
CVE-2026-45412
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via workflowtemplate Import. Authenticated users can supply arbitrary URLs in workflowtemplate.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed in...
CVE-2026-45412 MaxKB: Unauthenticated SSRF via Workflow Template Import
MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.1, SSRF via workflowtemplate Import. Authenticated users can supply arbitrary URLs in workflowtemplate.downloadUrl which are fetched server-side without any URL validation or internal IP filtering. This vulnerability is fixed in...
EUVD-2026-31855
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
MaxKB 代码问题漏洞
MaxKB is an open-source question-answering system based on large language models and RAG, developed by 1Panel-dev. Versions of MaxKB prior to 2.9.1 contained code vulnerabilities. These vulnerabilities stemmed from the work-flowtemplate import feature, where authenticated users could provide...
TencentOS Server 3: grafana-pcp (TSSA-2026:0383)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0383 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Exploit for CVE-2026-33712
CVE-2026-33712 - Typebot Unauthenticated SSRF Description...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]
Summary IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse, which may cause acceptance of some invalid URLs CVE-2026-25679. url.Parse is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation below...
PT-2026-42686
Impact Some of the Surface Controllers in the CMS provide to support member related operations fail to validate redirect URLs, making Razor templates that derive 'RedirectUrl' from user-controlled query parameters vulnerable to malicious redirect attacks. Patches The issue is resolved in versions...
CVE-2026-47782
Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web page is given through an intent, RoboForm may silently download files without user confirmation nor...
CVE-2026-47782
Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web page is given through an intent, RoboForm may silently download files without user confirmation nor...
Astra Linux – Vulnerability in PHP 7.3
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14, and 8.0.0, when validating URLs using functions like filtervar$url, FILTERVALIDATEURL, PHP will accept a URL with an invalid password as a valid URL. This may cause functions that rely on the validity of URLs to misinterpret the URL and...
Astra Linux – Vulnerability in PHP 7.3
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21, and 8.0.x below 8.0.8, when using URL validation functionality via the filterVar function with the FILTERVALIDATEURL parameter, a URL with an invalid password field can be accepted as valid. This can cause the code to incorrectly parse the...
Astra Linux – Vulnerability in Python-Django
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are vulnerable to a ReDoS regular expression denial of service attack due to a very large number of domain name labels for emails and URLs...
Astra Linux – Vulnerability in PHP 8.1, PHP 7.3
In PHP versions 8.1. before 8.1.29, and 8.2. before 8.2.20, and 8.3. before 8.3.8, due to a code logic error, filtering functions such as filterVar when validating URLs using FILTERVALIDATEURL will result in invalid user information such as username and password parts of URLs being treated as val...
Siber Systems RoboForm Password Manager 安全漏洞
Siber Systems RoboForm Password Manager is a password manager offered by Siber Systems. There is a security vulnerability in Siber Systems RoboForm Password Manager. This vulnerability arises from insufficient URL validation, user confirmation, or notification when processing Android intentions. ...
Keycloak: Open redirect when using wildcard valid redirect URIs in Keycloak
A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...
GHSA-PF9C-CH8R-2958 Statamic CMS: Server-Side Request Forgery via Glide
Impact The Glide image proxy's URL validation could be bypassed using an IP representation that wasn't normalized before the public-IP check. An unauthenticated user could cause the server to make HTTP requests to internal addresses — including loopback, private network, and cloud metadata...