62 matches found
EUVD-2026-43308
Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4, 10.11.x = 10.11.19 fail to validate that an assigned incoming webhook user has access to the target team or channel, which allows a requester with webhook management permissions to create posts or direct messages attributed to another user via...
GHSA-V455-MV2V-5G92 Fission Container Executor Function PodSpec Injection Leading to Node Escape
Summary Fission's Container Executor path lets a tenant supply Function.spec.podspec directly; the executor merges it into the executor-built podspec and creates a Deployment whose pods run the user's container image. Details Two flaws compounded: 1...
CVE-2026-27882 Coolify: Timing Attack in GitLab Webhook Token Validation
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.461, the GitLab webhook endpoint uses a non-constant-time string comparison operator !== to validate the webhook secret token. This implementation is vulnerable to timing attack...
CVE-2026-27882
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.461, the GitLab webhook endpoint uses a non-constant-time string comparison operator !== to validate the webhook secret token. This implementation is vulnerable to timing attack...
CVE-2026-56227
Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. Organization admins can configure webhooks pointing to localhost or 127.0.0.1, and when triggered, the backend performs outbound requests to these...
EUVD-2026-38115
Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. Organization admins can configure webhooks pointing to localhost or 127.0.0.1, and when triggered, the backend performs outbound requests to these...
CVE-2026-56227 Capgo - Server-Side Request Forgery via Webhook URL Validation
Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. Organization admins can configure webhooks pointing to localhost or 127.0.0.1, and when triggered, the backend performs outbound requests to these...
PT-2026-57168
Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.7 Description The Docker API server contains a server-side request forgery SSRF issue where the server makes requests to internal services due to a lack of destination validation for webhook URLs. This can lead t...
CVE-2026-41688
Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname but passes the original hostname to cURL without CURLOPTRESOLVE pinning on 10 of 11 outbound HTTP endpoints, leaving a DNS...
CVE-2026-44502
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
CVE-2026-44502
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
CVE-2026-44502 Bugsink: SSRF bypass in `validate_webhook_url`
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
CVE-2026-44502 Bugsink: SSRF bypass in `validate_webhook_url`
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
CVE-2026-44502
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
Bugsink 代码问题漏洞
Bugsink is an open-source, self-hosted bug tracking software developed by Bugsink. Versions of Bugsink prior to 2.1.3 had code vulnerabilities. These vulnerabilities stemmed from URL parsing issues, which allowed partial bypass of Webhook URL validation. This could enable attackers to circumvent...
CVE-2026-34207 TypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation
TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.examp...
CVE-2026-34207
TypeBot SSRF protection bypass (CVE-2026-34207) affects versions
CVE-2026-34207 TypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation
TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.examp...
GHSA-FP53-QCF8-2XX2 Bunsink has an SSRF bypass in `validate_webhook_url`
Summary Bugsink’s webhook URL validation in versions 2.1.2 and earlier could be partially bypassed because of a mismatch in URL parsing. In some malformed URLs, Python’s standard URL parser urllib and the HTTP client stack requests / urllib3 do not agree on which host is actually being targeted...
PT-2026-39265
Name of the Vulnerable Software and Affected Versions Bugsink versions prior to 2.1.3 Description A mismatch in URL parsing allows the bypass of webhook URL validation. The system used Python's urllib.parse.urlparse for validation but requests.post to send the request. For malformed inputs...