CVE-2026-33682 Streamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)

Streamlit is a data oriented application development framework for python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery SSRF vulnerability. The vulnerability arises from improper validation of attacker-supplied...

Streamlit 代码问题漏洞

Streamlit is an open-source data-oriented Python application development framework created by Streamlit. Versions of Streamlit prior to 1.54.0 contained code vulnerabilities. These vulnerabilities stemmed from improper validation of file system paths provided by attackers, which could lead to...

CVE-2026-27796

Summary: Vulnerability in Homarr prior to v1.54.0 where the integration.all tRPC endpoint was exposed as a publicProcedure, allowing unauthenticated users to retrieve a complete list of configured integrations (internal URLs, names, service types). This information disclosure impact is stated as ...

CVE-2026-27797

Homarr is an open-source dashboard. Prior to version 1.54.0, an unauthenticated Server-Side Request Forgery SSRF vulnerability allows a remote attacker to force the Homarr server to perform arbitrary outbound HTTP requests. This can be used as an internal network access primitive e.g., reaching...