Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/08 8:46 p.m.18 views

CVE-2025-32013

LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery SSRF vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request ...

9.3CVSS7.5AI score0.00628EPSS
Exploits2References1
Circl
Circl
added 2025/04/06 8:43 p.m.21 views

CVE-2025-32013

creationtimestamp| type| source ---|---|--- 2025-04-06 20:43:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10641 2025-04-06 21:40:16+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lm6fvkpnqa2o 2025-04-06 23:12:17+00:00| seen|...

9.3CVSS5.7AI score0.00628EPSS
Exploits2References7
Cvelist
Cvelist
added 2025/04/06 8:7 p.m.34 views

CVE-2025-32013 Server-Side Request Forgery via LNURL Authentication Callback in LNbits Lightning Network Payment System

LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery SSRF vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request ...

9.3CVSS0.00628EPSS
Exploits2References1
OSV
OSV
added 2025/04/06 8:7 p.m.18 views

CVE-2025-32013 Server-Side Request Forgery via LNURL Authentication Callback in LNbits Lightning Network Payment System

LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery SSRF vulnerability has been discovered in LNbits' LNURL authentication handling functionality. When processing LNURL authentication requests, the application accepts a callback URL parameter and makes an HTTP request ...

9.3CVSS6.8AI score0.00628EPSS
Exploits2References3
CVE
CVE
added 2025/04/06 8:7 p.m.80 views

CVE-2025-32013

CVE-2025-32013 affects LNbits LNURL authentication handling. The SSRF occurs when the server processes a callback URL: it issues an HTTP request to the provided URL with redirects enabled via httpx and does not adequately validate the callback, enabling an attacker to target internal network addr...

9.3CVSS6.8AI score0.00628EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder