Lucene search

6 matches found

RedhatCVE
added 2026/02/25 4:17 p.m. | 3 views

CVE-2026-27567

Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an...

CVSS 6.5 | AI score 5.5 | EPSS 0.00288
Exploits: 0 | References: 1

Snyk
added 2026/02/24 8:10 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: payload is a Node, React and MongoDB Headless CMS and Application Framework. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the external file upload endpoint due to insufficient validation of HTTP redirects. An attacker can access internal network...

CVSS 7.4 | AI score 6 | EPSS 0.00288
Exploits: 0 | References: 2

OSV
added 2026/02/24 8:10 p.m. | 5 views

GHSA-HHFX-5X8J-F5F6 Payload: Server-Side Request Forgery (SSRF) in External File URL Uploads

Impact: A Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an authenticated attacker to access internal network resources. Users are affected ...

CVSS 6.5 | AI score 5.7 | EPSS 0.00288
Exploits: 0 | References: 5

OSV
added 2026/02/24 2:22 p.m. | 4 views

CVE-2026-27567 Payload has Server-Side Request Forgery (SSRF) in External File URL Uploads

Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When processing external URLs for file uploads, insufficient validation of HTTP redirects could allow an...

CVSS 6.5 | AI score 5.6 | EPSS 0.00288
Exploits: 0 | References: 5

Vulnrichment
added 2025/04/24 11:15 p.m. | 6 views

CVE-2025-3606 Vestel AC Charger Exposure of Sensitive System Information to an Unauthorized Control Sphere

Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to access files containing sensitive information, such as credentials which could be used to further compromise the device...

CVSS 8.7 | AI score 6.9 | EPSS 0.00343
Exploits: 0 | References: 2

CNNVD
added 2025/04/24 12:0 a.m. | 3 views

Vestel EVC04 AC Charger Security Vulnerability

The Vestel EVC04 AC Charger is an alternating current (AC) charger from Vestel Electronics (Vestel) of Turkey. A security vulnerability exists in the Vestel EVC04 AC Charger version 3.75.0, which stems from the possibility of accessing files containing sensitive information, leading to further...

CVSS 8.7 | AI score 6.6 | EPSS 0.00343
Exploits: 0 | References: 2