Lucene search
K

529 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.10 views

CVE-2026-6604

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5936

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

8.5CVSS5.6AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.9 views

CVE-2026-42449

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path N8NDocumentationMCPServer constructor, getN8nApiClient, and validateInstanceContext, the synchronous URL validator in...

8.5CVSS5.4AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:15 p.m.9 views

CVE-2026-2393

A Server-Side Request Forgery SSRF vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...

7.1CVSS7.3AI score0.00288EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/02 11:53 p.m.20 views

CVE-2026-44578

A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery SSRF through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or...

8.6CVSS5.8AI score0.38696EPSS
Exploits9References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.8 views

Clair 代码问题漏洞

Clair is a project open source by QUAY. It is used for static analysis of vulnerabilities in application containers currently including OCI and Docker. Clair has code-related vulnerabilities. These vulnerabilities arise from the fetcher component, which allows unauthenticated attackers to perform...

5.8CVSS5.3AI score0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.11 views

PT-2026-45353

Name of the Vulnerable Software and Affected Versions Clair affected versions not specified Description A flaw in the fetcher component allows the system to make outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors because it lacks IP or scheme filtering. When Pre-Shar...

5.8CVSS5.8AI score0.00292EPSS
Exploits0References4
NVD
NVD
added 2026/05/31 11:16 a.m.21 views

CVE-2026-10177

A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file apidocs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has...

6.5CVSS0.00209EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/29 9:50 a.m.15 views

CVE-2026-42965 Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 9:50 a.m.40 views

CVE-2026-42965

CVE-2026-42965 affects the OpenShift Router. The issue arises when a user with EndpointSlice write access creates a Service backed by an FQDN EndpointSlice that resolves to a cloud metadata endpoint, allowing the router to proxy requests to that endpoint and disclose instance credentials and othe...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/29 9:50 a.m.13 views

CVE-2026-42965

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/29 9:50 a.m.16 views

CVE-2026-42965

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

7.7CVSS5.7AI score0.00226EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/29 9:50 a.m.39 views

CVE-2026-42965 Openshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validation

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

7.7CVSS0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

Red Hat OpenShift 代码问题漏洞

Red Hat OpenShift is a Platform as a Service PaaS cloud computing platform provided by Red Hat Inc. It supports the construction, testing, deployment, and running of applications. There is a code vulnerability in Red Hat OpenShift. This vulnerability arises from users with write permissions for...

7.7CVSS5.8AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44798

Name of the Vulnerable Software and Affected Versions OpenShift Router affected versions not specified Description A flaw in the OpenShift Router allows a user with EndpointSlice write access to proxy requests to a cloud metadata endpoint. This is achieved by creating a Service backed by a Fully...

7.7CVSS5.5AI score0.00226EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/05/28 6:27 p.m.16 views

compliance-trestle Vulnerable to SSRF in Remote Fetching Subsystem

A source code audit led to the discovery of three significant security vulnerabilities in the trestle/core/remote/cache.py module. Finding 1 Critical: SSRF CWE-918 The HTTPSFetcher.dofetch method passes a user-supplied URL directly to requests.get without validation. This allows an attacker to...

6AI score0.00012EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/28 12:30 p.m.18 views

EUVD-2026-32862

FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...

6.2CVSS5.8AI score0.00232EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 8:50 a.m.7 views

BIT-MLFLOW-2026-2393 Server-Side Request Forgery (SSRF) in mlflow/mlflow

A Server-Side Request Forgery SSRF vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...

7.1CVSS7.2AI score0.00288EPSS
Exploits1References3
NVD
NVD
added 2026/05/27 6:16 p.m.23 views

CVE-2026-48148

Budibase is an open-source low-code platform. Prior to 3.35.3, the VectorDB configuration endpoint in Budibase accepts a host parameter that undergoes no validation against internal IP ranges, reserved hostnames, or URL schemes. Any authenticated user with builder-level access can supply an...

5.3CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.21 views

CVE-2026-48146

Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetchconfig.url with no SSRF protection. The safe wrapper fetchWithBlacklist exists in the same codebase and is used in every other outbound...

7.7CVSS0.00217EPSS
Exploits0References1
Rows per page
Query Builder