9 matches found

RedhatCVE (added 2026/02/11 1:33 a.m., 6 views)

CVE-2026-25492

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the save_images_Asset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

CVSS 6.5, AI score 5.5, EPSS 0.00015
Exploits: 1, References: 1
Positive Technologies (added 2026/02/09 12:00 a.m., 4 views)

PT-2026-7142

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the save_images_Asset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

CVSS 5.3, AI score 5.5, EPSS 0.00015
Exploits: 1, References: 4
Prion (added 2023/12/20 6:15 a.m., 16 views)

Remote code execution

A malicious user could use this issue to access internal HTTP servers and, in the worst case (e.g. an AWS instance), abuse it to get remote code execution on the victim machine...

CVSS 5, AI score 7.9, EPSS 0.02591
Exploits: 1, References: 2, Affected software: 1
Metasploit (added 2023/08/03 7:50 p.m., 243 views)

Unix SSH Shell, Bind Instance Connect (via AWS API)

Creates an SSH shell using AWS Instance Connect

Module Options

msf > use payload/cmd/unix/bind_aws_instance_connect
msf payload(bind_aws_instance_connect) > show actions
...actions...
msf payload(bind_aws_instance_connect) > set ACTION
msf payload(bind_aws_instance_connect) > show options
...show and set options...
msf...

AI score 7.1
Exploits: 0
Prion (added 2023/06/23 10:15 p.m., 12 views)

Hardcoded credentials

OrangeScrum version 2.0.11 allows an external attacker to remotely obtain AWS instance credentials. This is possible because the application does not properly validate the HTML content to be converted to PDF...

CVSS 4.9, AI score 7.4, EPSS 0.00098
Exploits: 1, References: 2, Affected software: 1
The Hacker News (added 2022/09/16 3:08 a.m., 31 views)

Uber Says It's Investigating a Potential Breach of Its Computer Systems

Ride-hailing giant Uber disclosed Thursday that it is responding to a cybersecurity incident involving a breach of its network and that it is in touch with law enforcement authorities. The New York Times first reported the incident. The company pointed to its tweeted statement when asked for comment on...

AI score 0.1
Exploits: 0
OSSF Malicious Packages (added 2022/06/20 8:25 p.m., 2 views)

Malicious code in aws-instance-scheduler (npm)

--- -= Per source details. Do not edit below this line. =-
Source: ghsa-malware 5892ee8a63b04ab411e3502b2e75dff16debff01b4903c74798ec7f6fa11303b
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1
Hacker One (added 2021/10/13 1:27 p.m., 29 views)

Concrete CMS: SSRF mitigation bypass using DNS Rebind attack

We noticed that the upload functionality contains the ability to upload files from remote server, however there are some mitigations against accessing the AWS Instance Metadata service. We've managed to bypass these mitigations using DNS rebinding and we've managed to fetch the AWS IAM keys when...

CVSS 5, AI score 5.7, EPSS 0.00268
Exploits: 0
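The two Craft CMS entries (an attacker-controlled domain that resolves to an internal address slips past hostname validation) and the Concrete CMS report (DNS rebinding defeats a check made at resolve time) describe the same guard-design mistake from two angles. The Python below is an added illustration and is not code from any project or report listed here: the hostnames, the fake resolver and the two "public" addresses are constructed for the demo, and the three guards are simplified models of the pattern rather than any vendor's actual code. It shows which requests each guard lets through and which address the request really reaches.

```python
"""SSRF hostname-validation bypasses, modelled offline (constructed example).

Three guards run against a fake resolver:
  1. hostname string blocklist: bypassed by any domain with an internal A record;
  2. resolve-then-check, with the HTTP client resolving again on connect:
     bypassed by DNS rebinding (first answer public, second answer internal);
  3. resolve once, check every answer, connect to the checked IP literal and
     send the Host header yourself: neither trick gets through.
"""
import ipaddress
from typing import Dict, List, Optional

METADATA_IP = "169.254.169.254"  # AWS instance metadata service (IMDS)
PUBLIC_A = "93.184.216.34"       # constructed "public" addresses for the demo
PUBLIC_B = "8.8.8.8"


def is_internal(ip: str) -> bool:
    """True for any address an SSRF guard must refuse to connect to."""
    addr = ipaddress.ip_address(ip)
    # ::ffff:169.254.169.254 is the metadata service in IPv6 clothing
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


class FakeResolver:
    """Stand-in DNS (constructed). Each hostname maps to the answer sets returned
    by successive lookups; the last set repeats. A rebinding domain is
    modelled as [[public], [internal]], i.e. a zero-TTL record that flips."""

    def __init__(self, zone: Dict[str, List[List[str]]]):
        self.zone = zone
        self.lookups: Dict[str, int] = {}

    def resolve(self, host: str) -> List[str]:
        answer_sets = self.zone.get(host)
        if answer_sets is None:
            raise LookupError(f"NXDOMAIN {host}")
        n = self.lookups.get(host, 0)
        self.lookups[host] = n + 1
        return list(answer_sets[min(n, len(answer_sets) - 1)])


HOST_BLOCKLIST = {"localhost", "127.0.0.1", METADATA_IP}


def guard_blocklist(host: str, dns: FakeResolver) -> Optional[str]:
    """Guard 1: string compare only; the HTTP client then resolves and connects.
    Returns the IP actually reached, or None if the request was blocked."""
    if host.lower() in HOST_BLOCKLIST:
        return None
    return dns.resolve(host)[0]


def guard_resolve_then_connect(host: str, dns: FakeResolver) -> Optional[str]:
    """Guard 2: resolve and reject internal answers, then hand the *hostname*
    to the HTTP client, which resolves again: a TOCTOU window for rebinding."""
    if any(is_internal(ip) for ip in dns.resolve(host)):
        return None
    return dns.resolve(host)[0]  # the client's own, second lookup


def guard_resolve_and_pin(host: str, dns: FakeResolver) -> Optional[str]:
    """Guard 3: resolve exactly once, require every answer to be external, and
    connect to that literal IP while sending 'Host: <host>' yourself."""
    try:
        answers = [str(ipaddress.ip_address(host))]  # IP literal: nothing to resolve
    except ValueError:
        answers = dns.resolve(host)
    if not answers or any(is_internal(ip) for ip in answers):
        return None
    return answers[0]  # connect here; a redirect must re-enter this function


GUARDS = {
    "blocklist": guard_blocklist,
    "resolve_then_connect": guard_resolve_then_connect,
    "resolve_and_pin": guard_resolve_and_pin,
}

ZONE = {  # constructed records
    "cdn.example": [[PUBLIC_A]],
    "attacker-internal.example": [[METADATA_IP]],            # plain internal A record
    "rebind.attacker.example": [[PUBLIC_B], [METADATA_IP]],  # flips on the 2nd lookup
}


def run_demo() -> Dict[str, Dict[str, Optional[str]]]:
    """Returns {guard: {host: ip-reached-or-None}} for every guard and host."""
    out: Dict[str, Dict[str, Optional[str]]] = {}
    for name, guard in GUARDS.items():
        dns = FakeResolver(ZONE)  # fresh lookup counters per guard
        out[name] = {host: guard(host, dns) for host in ZONE}
    return out


if __name__ == "__main__":
    for name, rows in run_demo().items():
        print(name)
        for host, ip in rows.items():
            print(f"  {host:28} -> {ip or 'blocked'}")
```

Running it shows guard 1 reaching 169.254.169.254 through attacker-internal.example, guard 2 reaching it through rebind.attacker.example on the client's second lookup, and guard 3 blocking both while still serving cdn.example. Pinning the checked IP is only sound if redirects are fed back through the same check and, for HTTPS, the TLS layer still gets the original hostname for SNI and certificate verification, which is why this is usually done inside the HTTP client's connection hook rather than as a separate pre-check.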
Hacker One (added 2020/05/17 7:47 a.m., 101 views)

Topcoder: SSRF at https://cognitive.topcoder.com leads to AWS instance metadata due to vulnerable email subscription feature

Summary: Topcoder makes use of Amazon's AWS in their web application environment. I noticed a feature that allows a user to subscribe and receive emails from Topcoder. This feature is vulnerable to server-side request forgery since it allows a user to supply an arbitrary URL which the application...

AI score 0.5
Exploits: 0