Lucene search
+L

118 matches found

nvd
nvd
added 2026/07/08 9:16 p.m.9 views

CVE-2026-60105

Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP function, which fails to detect embedded IPv4 addresses within IPv4-mapped IPv6 addresses. An unauthenticated attacker can obta...

8.6CVSS0.00353EPSS
Exploits0References3
osv
osv
added 2026/06/25 6:43 p.m.3 views

GO-2026-5244 Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg

Gotenberg has an SSRF deny-list bypass in IsPublicIP via IPv6 6to4 / NAT64 / site-local prefixes in github.com/gotenberg/gotenberg...

5.8AI score0.00051EPSS
Exploits0References1
nvd
nvd
added 2026/06/24 8:16 p.m.6 views

CVE-2026-47389

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS0.00232EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/24 7:41 p.m.23 views

CVE-2026-47389 Mastodon: SSRF protection bypass on older Ruby versions

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, when using Ruby versions older than 3.4, PrivateAddressCheck.privateaddress? returns false for IPv4-mapped IPv6 addresses ::ffff:a.b.c.d corresponding to some private IPv4 addresses,...

8.6CVSS0.00232EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/24 6:9 p.m.5 views

CVE-2026-53945

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

4CVSS5.9AI score0.0014EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/06/23 6:18 p.m.12 views

CVE-2026-49860

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially...

5.2CVSS0.00101EPSS
Exploits0References1
susecve
susecve
added 2026/06/12 2:25 a.m.10 views

SUSE CVE-2026-48860

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.4AI score0.00194EPSS
Exploits0References3
euvd
euvd
added 2026/06/10 2:35 p.m.13 views

EUVD-2026-36057

Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl inettlsdist module allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inettlsdist:checkip/1 function, which enforces a LAN allowlist for Erlang distribution over TLS, calls inet:sockname/1 instead...

7.5CVSS5.5AI score0.00194EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/04 12:0 a.m.20 views

PT-2026-46304

Name of the Vulnerable Software and Affected Versions WebOb versions prior to 1.8.10 Description An open redirect occurs when the software normalizes the HTTP Location header to include the request hostname. The process involves parsing the redirect URL using Python's urllib.parse and joining it ...

6.1CVSS5.3AI score0.00161EPSS
Exploits0References37
redhatcve
redhatcve
added 2026/05/30 8:13 a.m.15 views

CVE-2026-45310

CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetchurl tool validates the initial URL's resolved IP address against a restricted-IP blocklist isrestrictedip to prevent SSRF attacks against internal services cloud metadata endpoints, localhost, private networks...

7.4CVSS5.7AI score0.00226EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/11 9:42 p.m.6 views

CVE-2026-43899

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution bypass RCE. While the patch correctly restricted...

9.6CVSS6AI score0.00634EPSS
Exploits1References2Affected Software1
osv
osv
added 2026/05/08 10:10 p.m.3 views

CVE-2026-42344 FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress allows SSRF on all protected endpoints

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding TOCTOU — Time-of-Check to Time-of-Use. The function resolves the hostname via dns.resolve4/dns.resolve6 and check...

6.3CVSS6AI score0.00148EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/05/08 10:10 p.m.6 views

CVE-2026-42344 FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress allows SSRF on all protected endpoints

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding TOCTOU — Time-of-Check to Time-of-Use. The function resolves the hostname via dns.resolve4/dns.resolve6 and check...

6.3CVSS5.8AI score0.00148EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/08 10:10 p.m.56 views

CVE-2026-42344 FastGPT: DNS rebinding TOCTOU bypass in isInternalAddress allows SSRF on all protected endpoints

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding TOCTOU — Time-of-Check to Time-of-Use. The function resolves the hostname via dns.resolve4/dns.resolve6 and check...

6.3CVSS0.00148EPSS
Exploits0References1
cve
cve
added 2026/05/08 2:22 p.m.19 views

CVE-2026-43441

CVE-2026-43441 relates to the Linux kernel bonding code. When IPv6 is disabled, receiving an IPv6 NS/NA on a bonded slave could reach bond_validate_na() and trigger a NULL pointer dereference in ipv6_chk_addr(). The fixes provided in the sources implement a guard: check ipv6_mod_enabled() (or ipv...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References6Affected Software1
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.28 views

PT-2026-39208

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.11 Description The isInternalAddress function in packages/service/common/system/utils.ts fails to properly block cloud metadata endpoints. The function uses a fullUrl.startsWith check against a hardcoded list tha...

7.7CVSS5.8AI score0.00213EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.24 views

PT-2026-39207

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.12 Description The isInternalAddress function in packages/service/common/system/utils.ts is susceptible to DNS rebinding, a Time-of-Check to Time-of-Use TOCTOU issue. The function validates a hostname by resolvin...

6.3CVSS5.8AI score0.00148EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.11 views

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT 4.14.11 and earlier contain security vulnerabilities. These vulnerabilities stem from a DNS rebinding vulnerability in the isInternalAddress function, which...

6.3CVSS5.8AI score0.00148EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/01 2:14 p.m.30 views

CVE-2026-31738 vxlan: validate ND option lengths in vxlan_na_create

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

0.00123EPSS
Exploits0References8
euvd
euvd
added 2026/04/10 4:39 p.m.3 views

EUVD-2026-21507

FastGPT is an AI Agent building platform. Prior to 4.14.10.3, the /api/core/app/mcpTools/runTool endpoint accepts arbitrary URLs without authentication. The internal IP check in isInternalAddress only blocks private IPs when CHECKINTERNALIP=true, which is not the default. This allows...

5.3CVSS5.9AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder