Lucene search
+L

628 matches found

nuclei
nuclei
added yesterday14 views

mcp-atlassian < 0.17.0 - Server-Side Request Forgery

MCP Atlassian 0.17.0 contains a server-side request forgery caused by improper validation of custom HTTP headers in the HTTP middleware, letting unauthenticated attackers force outbound requests to arbitrary URLs, exploit requires access to the mcp-atlassian HTTP endpoint. id: CVE-2026-27826 info...

9CVSS6.3AI score0.14958EPSS
Exploits2References4
nuclei
nuclei
added 2 days ago13 views

BMC FootPrints 'searchWeb' - Server-Side Request Forgery

BMC FootPrints versions 20.20.02 through 20.24.01.001 contain a Server-Side Request Forgery SSRF vulnerability in the /footprints/servicedesk/import/searchWeb endpoint. The 'url' parameter allows unauthenticated attackers to force the server to make HTTP requests to arbitrary URLs, enabling acces...

8.8CVSS6.3AI score0.3436EPSS
Exploits2References2
circl
circl
added 3 days ago5 views

CVE-2026-57770

creationtimestamp| type| source ---|---|--- 2026-07-13 10:41:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjiyawyja25 2026-07-13 11:26:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjlhmqfs62r...

9.8CVSS6.1AI score0.00313EPSS
Exploits0References2
cve
cve
added 5 days ago10 views

CVE-2026-3552

SurfLink

4.3CVSS6.1AI score0.00213EPSS
Exploits0References8
osv
osv
added 6 days ago2 views

GHSA-489G-7RXV-6C8Q MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)

Summary GHSA-7r34-79r5-rcc9's fix added validateurlforssrf, which resolves the attacker-controlled X-Atlassian-Jira,Confluence-Url header host once at middleware time and trusts the result. But the outbound request is later built with the raw hostname and re-resolves at connect time with no IP...

6.5CVSS6.1AI score
Exploits0References2
cvelist
cvelist
added last week33 views

CVE-2026-53962 Discourse: Insufficient SVG sanitization logic

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG sanitization in upload and user avatar handling could lead to cross-site scripting when a user visited specific URLs that are not normally part of community browsing. This issue ...

5.4CVSS0.0027EPSS
Exploits0References9
osv
osv
added last week2 views

OESA-2026-2968 rubygem-faraday security update

HTTP/REST API client library Security Fixes: Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Prior to 2.14.1, Faraday's buildexclusiveurl method in lib/faraday/connection.rb uses Ruby's URImerge to combine the connection's base URL with a...

7.5CVSS6.2AI score0.00391EPSS
Exploits1References3
attackerkb
attackerkb
added 2026/07/07 3:13 a.m.6 views

CVE-2026-42147

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection sends a server-side request to the configured endpoint, allowing an authenticated user with storage...

4.9CVSS5.9AI score0.00255EPSS
Exploits0References4Affected Software1
osv
osv
added 2026/07/06 7:42 p.m.3 views

CVE-2026-50134 Hugo: security.http.urls allow-list bypass via HTTP redirects

Hugo is a static site generator. From 0.91.0 until 0.162.0, resources.GetRemote enforces security.http.urls on the URL it is called with, but it did not re-validate intermediate URLs on HTTP 3xx redirects. An allowed server or an attacker controlling its DNS or response could therefore redirect t...

6.3CVSS5.9AI score0.00249EPSS
Exploits0References5
nvd
nvd
added 2026/07/01 9:17 p.m.5 views

CVE-2026-55661

Tina is a headless content management system. In versions prior to @tinacms/mdx 2.1.7 and tinacms 3.9.3, rich-text parsing and the default link/image renderers did not sanitize the url field on Slate link/image nodes. Content containing javascript: or data:text/html URLs — including case-variant,...

4.8CVSS0.00239EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/29 12:0 a.m.22 views

PT-2026-53321

Name of the Vulnerable Software and Affected Versions Snowflake CLI versions prior to 3.19 Description Improper handling of untrusted remote references allows server-side request forgery SSRF, a condition where a server is coerced into making requests to an unintended destination. The SQL stateme...

9.6CVSS6.1AI score0.00118EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/06/26 3:45 p.m.8 views

CVE-2026-47214

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/25 8:38 p.m.11 views

CVE-2026-12473

OHIF Viewers are affected: two default-configured data sources, DICOMWebProxy and DICOMJSON, fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the user's OIDC Bearer token into those requests and transmits it to an attacker-controll...

8.3CVSS6AI score0.00232EPSS
Exploits0References2
drupal
drupal
added 2026/06/24 12:0 a.m.7 views

OpenAI Provider - Moderately critical - Server-side Request Forgery - SA-CONTRIB-2026-053

This module enables you to use OpenAI as a provider for the AI module. The module doesn't sufficiently sanitize user-supplied URLs, leading to a Server-side request forgery SSRF vulnerability. This vulnerability is mitigated by the fact that an attacker must have the access to change the host url...

3.3CVSS5.9AI score0.00161EPSS
Exploits0References3
euvd
euvd
added 2026/06/23 12:30 a.m.11 views

EUVD-2026-38379

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 fail to validate script-capable URLs in the navigateTo open option, allowing client-side script execution. Attackers can supply javascript: URLs through the open parameter to execute arbitrary scripts in the application's origin when...

6.1CVSS6.1AI score0.00234EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/06/22 3:40 p.m.4 views

CVE-2026-46417 Angular: SSRF via Hostname Hijacking in @angular/platform-server

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server. The issue stems from how...

8.8CVSS5.8AI score0.00221EPSS
Exploits0References2
snyk
snyk
added 2026/06/19 9:41 p.m.5 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the data-mw-iframeconfig attribute when handling malformed URLs or IDs containing single quotes. An attacker can execute arbitrary JavaScript in the context of the affected site by injecting malicious payloa...

8.7CVSS5.9AI score
Exploits0References3
attackerkb
attackerkb
added 2026/06/19 5:6 p.m.7 views

CVE-2026-49359

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint fetches the content of option values server-side via filegetcontents when the value looks like a URL, without restricting the URL scheme. The attachment option of...

6.5CVSS6AI score0.00242EPSS
Exploits0References5Affected Software1
snyk
snyk
added 2026/06/18 1:1 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the processing of user-supplied URLs in outgoing HTTP components, including notification channels, OIDC backchannel logout, and SAML metadata fetches. An attacker can access internal network resources...

4.2CVSS6AI score0.00252EPSS
Exploits0References2
circl
circl
added 2026/06/18 10:1 a.m.10 views

CVE-2026-8024

creationtimestamp| type| source ---|---|--- 2026-06-18 10:01:16+00:00| seen| https://infosec.exchange/users/certvde/statuses/116770529327887486 2026-06-18 10:01:32+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mokl2y64ikr2 2026-06-18 12:19:34+00:00| seen|...

9.8CVSS5.8AI score0.00553EPSS
Exploits0References4
Rows per page
Query Builder