17 matches found
GHSA-P4HC-9PJH-55C8 ssrfcheck: SSRF Bypass Caused by Failure to Classify Reserved IP Address Space as Invalid
SSRF Bypass in ssrfcheck - fails to classify reserved IP address space as invalid ssrfcheck is an npm package that serves to provide protection from SSRF by validating URLs or hostname inputs. Resources: Project's GitHub code repository: https://github.com/felippe-regazio/ssrfcheck Project's npm...
CVE-2026-42427
OpenClaw before 2026.4.8 contains a remote code execution vulnerability caused by missing environment variable denylist entries for HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS. Attackers can inject malicious build tool environment variables to influence host exec commands and...
PT-2026-31595
Name of the Vulnerable Software and Affected Versions: Canonical LXD versions 4.12 through 6.7. Description: Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in the isVMLowLevelOptionForbidden function in lxd/project/limits/permissions.go. This denylist omits raw.apparmor and...
CVE-2026-33194
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded (GHSA-h5vh-m7fg-w5h6, commit 9914fd1) but remains incomplete. Multiple security-relevant Linux directories are not blocke...
PT-2026-26763
Name of the Vulnerable Software and Affected Versions: Vikunja, affected versions not specified. Description: A flaw exists where a Time-based One-Time Password (TOTP) used for successful 2FA authentication can be reused within its 30-second validity window, allowing subsequent authentication attempts...
CVE-2026-30938
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.12 and 9.5.1-alpha.1, the requestKeywordDenylist security control can be bypassed by placing any nested object or array before a prohibited keyword in the request payload. This is...
SSRF Check Security Vulnerability
SSRF Check is a string checker for potential SSRF attacks by the individual developer Felippe Regazio. A security vulnerability exists in versions of SSRF Check prior to 1.2.0, which stems from an incomplete IP address range denylist that could lead to server-side request forgery...
Mattermost Code Issue Vulnerability
Mattermost is an open source collaboration platform from the US-based company Mattermost. A code issue vulnerability exists in Mattermost version 9.5.8, which stems from a failure to add the Oracle Cloud and Alibaba Cloud metadata endpoints to the server-side request forgery denylist, resulting in vulnerability to...
Grav Security Vulnerability
Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms, and one-page product displays. A security vulnerability exists in Grav 1.7.42.1 and earlier versions, which stems from the isDangerousFunction denylist being bypassed by returning an...
Open-Xchange OX App Suite Code Issue Vulnerability
Open-Xchange OX App Suite is an e-mail and productivity suite client software from Open-Xchange (Germany). A security vulnerability exists in Open-Xchange OX App Suite that stems from an IPv4-mapped IPv6 address not being recognized by the code as a local address, which can be exploited by an attacker ...
CVE-2023-34253
Grav is a flat-file content management system. Prior to version 1.7.42, the denylist introduced in commit 9d6a2d to prevent dangerous functions from being executed via injection of malicious templates was insufficient and could be easily subverted in multiple ways: (1) using unsafe functions that...
sanitize-svg Security Vulnerability
sanitize-svg is a small SVG sanitizer to prevent XSS attacks. A security vulnerability exists in versions of sanitize-svg prior to 0.4.0 that stems from its use of a deny-list mode to sanitize SVG against cross-site scripting; an attacker can cause downstream software that relies on it to...
Open-Xchange OX App Suite Code Issue Vulnerability
Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange (Germany). A security vulnerability exists in Open-Xchange OX App Suite version 7.10.6 and earlier, which stems from the fact that a malicious DNS record with multiple A or AAAA responses can bypass the deni...
Smokescreen Code Issue Vulnerability
Smokescreen is an HTTP CONNECT proxy. A code issue vulnerability exists in Smokescreen. An attacker could use the vulnerability to bypass the denylist feature by enclosing the hostname in square brackets...
Smokescreen Code Issue Vulnerability
Smokescreen is an HTTP CONNECT proxy. A security vulnerability exists in Smokescreen that originates from the ability to bypass the denylist feature by appending a dot to the end of a user-supplied URL or by providing input in a different letter case...
Server-Side Request Forgery (SSRF) in dompdf/dompdf
Description: DomPDF uses file_get_contents to obtain HTTP files when allow_url_fopen is "On". In default contexts, file_get_contents will follow redirects whenever served with a 302 response. When developers use DomPDF with isRemoteEnabled set to "true" and allow_url_fopen set to "true", but restrict IP addresses...
CVE-2021-32708
Flysystem is an open source file storage library for PHP. The whitespace normalisation used in 1.x and 2.x removes any Unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: a user is allowed to supply the...