Lucene search
+L

9787 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.14 views

PT-2026-32027

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using request-promise without any I...

7.8CVSS5.9AI score0.00242EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/09 7:43 p.m.1 views

CVE-2026-40089

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

9.9CVSS6AI score0.00232EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 7:43 p.m.26 views

CVE-2026-40089 Sonicverse has Server-Side Request Forgery via user-controlled URLs in dashboard API client

Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery SSRF vulnerability in its API client apps/dashboard/lib/api.ts. Installations created using the provided install.sh script includi...

9.9CVSS0.00232EPSS
Exploits0References1
CVE
CVE
added 2026/04/09 5:41 p.m.34 views

CVE-2026-40072

CVE-2026-40072 – SSRF via CCIP Read in web3.py Affected: web3.py (Python library) versions 6.0.0b3 through before 7.15.0 and 8.0.0b2. The CCIP Read / OffchainLookup (EIP-3668) implementation fetches URLs supplied by contracts without destination validation and with default-on exposure (global_cci...

7.2CVSS6AI score0.00228EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2026/04/09 5:8 p.m.11 views

CVE-2026-39985

LORIS (Longitudinal Online Research and Imaging System) has an open redirect flaw in the login redirect parameter that could cause users to visit arbitrary URLs. Root cause: the redirect value was not validated to be within LORIS prior to versions 27.0.3 and 28.0.1. Impact: potential user redirec...

6.1CVSS6AI score0.00204EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 5:8 p.m.6 views

CVE-2026-39985

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, the redirect parameter upon login to LORIS was not validating the value of the redirect as being within LORIS,...

4.3CVSS6AI score0.00204EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/09 4:45 p.m.2 views

CVE-2026-39974 n8n-MCP has an Authenticated SSRF via instance-URL header in multi-tenant HTTP mode

n8n-MCP is a Model Context Protocol MCP server that provides AI assistants with comprehensive access to n8n node documentation, properties, and operations. Prior to 2.47.4, an authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to iss...

8.5CVSS7.3AI score0.00316EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

Sonicverse 代码问题漏洞

Sonicverse is an open-source, hosted real-time radio audio streaming solution developed by Sonicverse. There are code-related vulnerabilities in Sonicverse; these vulnerabilities stem from the API client accepting user-controlled URLs with insufficient validation. This could allow authenticated...

9.9CVSS5.9AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

LORIS Neuroimaging Platform 输入验证错误漏洞

LORIS Neuroimaging Platform is a neuroimaging platform open source developed by ACElab. Versions of LORIS Neuroimaging Platform prior to 27.0.3 and 28.0.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the login redirection parameters not verifying...

6.1CVSS5.9AI score0.00204EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.9 views

n8n-MCP 代码问题漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.47.4 contained code vulnerabilities. These vulnerabilities stemmed from authenticated server-side request forgery attacks, which could allow callers with a valid...

8.5CVSS6AI score0.00316EPSS
Exploits0References3
NVD
NVD
added 2026/04/06 4:16 p.m.6 views

CVE-2026-34753

vLLM is an inference and serving engine for large language models LLMs. From 0.16.0 to before 0.19.0, a server-side request forgery SSRF vulnerability in downloadbytesfromurl allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from t...

5.4CVSS0.00246EPSS
Exploits1References1
CVE
CVE
added 2026/04/06 3:36 p.m.27 views

CVE-2026-34753

The CVE-2026-34753 issue is an SSRF in vLLM’s download_bytes_from_url used by the batch runner. Attacker-controlled batch input JSON can set file_url to arbitrary HTTP(S) URLs, and the code fetches them without URL validation, allowing requests from the vLLM host to internal or external targets (...

5.4CVSS6AI score0.00246EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/04/06 3:36 p.m.30 views

CVE-2026-34753 vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

vLLM is an inference and serving engine for large language models LLMs. From 0.16.0 to before 0.19.0, a server-side request forgery SSRF vulnerability in downloadbytesfromurl allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from t...

5.4CVSS0.00246EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.17 views

Bynder 安全漏洞

Bynder is a brand content management platform used by Bynder Inc. for the centralized management and distribution of digital media assets. Version 0.1.394 of Bynder contains a security vulnerability, which stems from a storage-side cross-site scripting issue. This vulnerability could allow for th...

5.4CVSS5.9AI score0.00138EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/03 8:27 p.m.4 views

CVE-2026-22664 prompts.chat SSRF via Fal.ai Media Status Polling

prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in the Fal.ai media status polling feature that allows authenticated users to perform arbitrary outbound requests by supplying attacker-controlled URLs in the token parameter. Attackers can exploit the lack ...

7.7CVSS5.9AI score0.00301EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.9 views

PT-2026-30275

Name of the Vulnerable Software and Affected Versions vLLM versions 0.16.0 through 0.18.99 Description vLLM, an inference and serving engine for large language models, contains a server-side request forgery SSRF flaw in the download bytes from url function. This allows an attacker who can control...

5.4CVSS6.2AI score0.00246EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.10 views

PT-2026-29741

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS6.2AI score0.00266EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/01 7:43 p.m.9 views

CVE-2026-34746 Payload has Authenticated SSRF via Upload Functionality

Payload is a free and open source headless content management system. Prior to version 3.79.1, an authenticated Server-Side Request Forgery SSRF vulnerability exists in the upload functionality. Authenticated users with create or update access to an upload-enabled collection could cause the serve...

7.7CVSS5.9AI score0.00296EPSS
Exploits0References2
CVE
CVE
added 2026/04/01 4:27 p.m.73 views

CVE-2026-20041

The CVE-2026-20041 entry concerns Cisco Nexus Dashboard and Nexus Dashboard Insights with a server-side request forgery (SSRF) vulnerability due to improper input validation in specific HTTP requests. The flaw could allow an attacker to persuade an authenticated user of the device management inte...

6.1CVSS6.2AI score0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.9 views

PT-2026-29163

Name of the Vulnerable Software and Affected Versions HAPI FHIR versions prior to 6.9.4 Description The /loadIG API endpoint in the FHIR Validator HTTP service does not properly validate user-supplied URLs provided via a JSON body before making server-side HTTP requests. This allows an...

5.8CVSS6AI score0.00235EPSS
Exploits1References7
Rows per page
Query Builder