CVE-2026-44420

creationtimestamp| type| source ---|---|--- 2026-05-29 21:01:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmzgnhigoh2v 2026-05-30 13:56:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116663869287019686...

CVE-2026-45629

creationtimestamp| type| source ---|---|--- 2026-05-29 20:30:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzew26v5d2h 2026-05-30 17:01:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3jp7itoj25...

CVE-2026-45633

creationtimestamp| type| source ---|---|--- 2026-05-29 20:21:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzefsabjs2g 2026-05-30 04:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn262srnhk26...

CVE-2026-45661

creationtimestamp| type| source ---|---|--- 2026-05-29 20:19:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzebcqru52h 2026-05-30 04:00:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn2632dgwx2g...

CVE-2026-9346

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has bee...

EUVD-2026-33418

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

CVE-2026-48555 Spatie Laravel Media Library < 11.23.0 SSRF via addMediaFromUrl()

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

CVE-2026-48555

Spatie Laravel Media Library (≤11.22.x) is affected by an SSRF in addMediaFromUrl() used by InteractsWithMedia.php, allowing a remote attacker to induce the server to make arbitrary outbound HTTP requests by providing user-controlled URLs. Impact aligns with CVSS: Network, with low to moderate co...

CVE-2026-45660

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.22 and 6.18.1, the Glide image proxy's URL validation could be bypassed using an IP representation that wasn't normalized before the public-IP check. An unauthenticated user could cause the server to make HTTP...

CVE-2026-44651

SillyTavern’s CVE-2026-44651 affects the CORS proxy middleware (src/middleware/corsProxy.js). Before version 1.18.0, when fetch(url) throws, the code writes a 500 error response that includes the attacker-controlled url directly in plain text: "Error occurred while trying to proxy to: " + url + …...

EUVD-2026-33405

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651 SillyTavern: Reflected XSS vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-44651 SillyTavern: Reflected XSS vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, when fetchurl throws, the code sends: res.status500.send'Error occurred while trying to proxy to:...

CVE-2026-49325

creationtimestamp| type| source ---|---|--- 2026-05-29 17:46:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmz3pk7woo2r...

CVE-2026-44652 SillyTavern: SSRF vulnerability in the CORS proxy middleware

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

CVE-2026-44652

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

EUVD-2026-33399

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

CVE-2026-46372

SillyTavern

CVE-2026-10063

creationtimestamp| type| source ---|---|--- 2026-05-29 17:30:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmz2umndob2d 2026-05-30 22:01:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn42gzxemf2j...