Lucene search
K

8 matches found

Github Security Blog
Github Security Blog
added 2026/05/28 7:18 p.m.19 views

local-deep-research has an SSRF bypass in `safe_get`

Summary The URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. Details The current project uses validateurl to validate the input URL. The main logic is to perform security checks on the host portion of the URL extracted by...

5CVSS5.9AI score0.00247EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/05/28 5:58 p.m.3 views

CVE-2026-46526 Local Deep Research: SSRF bypass in `safe_get`

Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validateurl to validate the input URL. The...

5CVSS6AI score0.00247EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/26 4:13 p.m.11 views

CVE-2026-44502 Bugsink: SSRF bypass in `validate_webhook_url`

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...

4.3CVSS5.8AI score0.00286EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/26 4:13 p.m.19 views

EUVD-2026-31855

Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...

4.3CVSS5.8AI score0.00286EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/20 3:35 p.m.10 views

Interpretation Conflict

Overview symfony/html-sanitizer is a Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM. Affected versions of this package are vulnerable to Interpretation Conflict via URL parsing and policy enforcement in UrlSanitizer/UrlAttributeSanitizer...

5.4CVSS5.8AI score0.00048EPSS
Exploits0References2
OSV
OSV
added 2026/05/08 7:9 p.m.7 views

GHSA-FP53-QCF8-2XX2 Bunsink has an SSRF bypass in `validate_webhook_url`

Summary Bugsink’s webhook URL validation in versions 2.1.2 and earlier could be partially bypassed because of a mismatch in URL parsing. In some malformed URLs, Python’s standard URL parser urllib and the HTTP client stack requests / urllib3 do not agree on which host is actually being targeted...

4.3CVSS6AI score0.00286EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/09 9:1 p.m.3 views

CVE-2026-25960 SSRF Protection Bypass in vLLM

vLLM is an inference and serving engine for large language models LLMs. The SSRF protection fix for CVE-2026-24779 add in 0.15.1 can be bypassed in the loadfromurlasync method due to inconsistent URL parsing behavior between the validation layer and the actual HTTP client. The SSRF fix uses...

7.1CVSS5.8AI score0.00485EPSS
Exploits1References4
CVE
CVE
added 2026/03/09 9:1 p.m.16 views

CVE-2026-25960

Summary of CVE-2026-25960 (vLLM) : The SSRF protection added in 0.15.1 (fix tied to CVE-2026-24779) can be bypassed in vLLM’s load_from_url_async due to inconsistent URL parsing between the validation layer (urllib3.util.parse_url) and the HTTP client (aiohttp with yarl). The vulnerability arises...

9.8CVSS5.8AI score0.00485EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder