Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

168 matches found

NVD
NVDadded 2026/06/17 5:16 p.m.6 views

CVE-2025-71320

picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when...

9.8CVSS0.00623EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/17 3:4 p.m.16 views

CVE-2025-71320 picklescan - Remote Code Execution via Incomplete Disallowed Inputs

picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when...

9.8CVSS0.00623EPSS
Exploits0References2
CVE
CVEadded 2026/06/17 3:4 p.m.18 views

CVE-2025-71320

The CVE identifies a vulnerability in picklescan prior to 0.0.33, where an incomplete deny-list fails to block pydoc.locate and operator.methodcaller. This allows remote attackers to craft malicious pickle files that, when deserialized, yield arbitrary code execution. The issue is tied to deseria...

9.8CVSS6.1AI score0.00623EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/17 3:4 p.m.9 views

EUVD-2025-210267

picklescan before 0.0.33 contains an incomplete deny-list that fails to block pydoc.locate and operator.methodcaller functions, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using these unblocked functions to achieve arbitrary code execution when...

9.8CVSS6.1AI score0.00623EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/16 12:0 a.m.12 views

PT-2026-50154

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.1 Description When opening a WebSocket connection, the runtime validates the destination hostname against --deny-net rules but fails to re-verify the IP addresses the hostname resolves to. This allows an...

5.2CVSS5.9AI score0.00106EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/06/05 7:20 p.m.8 views

CVE-2026-41272

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers secureAxiosRequest and secureFetch intended to prevent Server-Side Request Forgery SSRF contain multiple logic flaws. These flaws allow attackers to bypass the...

7.1CVSS7.1AI score0.00232EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:16 p.m.7 views

CVE-2026-42595

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

8.6CVSS5.5AI score0.00313EPSS
Exploits1References1
Snyk
Snykadded 2026/05/14 5:16 p.m.3 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the chromium/convert/url endpoint due to insufficient validation of redirect destinations against the deny-list. An attacker can access internal network resources and sensitive endpoints by supplying ...

8.7CVSS5.8AI score0.00313EPSS
Exploits1References2
Snyk
Snykadded 2026/05/14 5:16 p.m.6 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the chromium/convert/url endpoint due to insufficient validation of redirect destinations against the deny-list. An attacker can access internal network resources and sensitive endpoints by supplying ...

8.7CVSS5.8AI score0.00313EPSS
Exploits1References2
NVD
NVDadded 2026/05/14 4:16 p.m.8 views

CVE-2026-42592

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...

5.3CVSS0.00186EPSS
Exploits1References1
NVD
NVDadded 2026/05/14 4:16 p.m.13 views

CVE-2026-42596

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as...

9.4CVSS0.00352EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/05/14 3:33 p.m.7 views

CVE-2026-42595 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

8.6CVSS5.8AI score0.00313EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/14 3:33 p.m.5 views

CVE-2026-42595

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

8.6CVSS5.8AI score0.00313EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2026/05/14 3:33 p.m.11 views

CVE-2026-42595

CVE-2026-42595 describes an SSRF flaw in Gotenberg’s Chromium URL endpoint (/forms/chromium/convert/url) prior to version 8.32.0. The default deny-list blocks only file:// URIs, leaving HTTP/HTTPS targets—including internal IPs and cloud metadata endpoints—unrestricted. An unauthenticated attacke...

8.6CVSS5.8AI score0.00313EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2026/05/14 3:33 p.m.39 views

CVE-2026-42595 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

8.6CVSS0.00313EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/05/14 3:30 p.m.40 views

CVE-2026-42592 Gotenberg: DNS rebinding bypasses SSRF validation on Chromium URL conversion routes

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, FilterOutboundURL resolves the hostname, checks the resolved IPs against the private-address deny-list, and returns only the error. It discards the resolved addresses. Chromium later performs its own DNS resolution when i...

5.3CVSS0.00186EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/14 3:19 p.m.5 views

CVE-2026-42596

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/05/14 3:19 p.m.45 views

CVE-2026-42596 Gotenberg: Unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as...

9.4CVSS0.00352EPSS
Exploits1References1
CVE
CVEadded 2026/05/14 3:19 p.m.20 views

CVE-2026-42596

CVE-2026-42596 describes an unauthenticated SSRF vulnerability in Gotenberg’s default deny-list filtering for the downloadFrom and webhook features. The issue arises because the deny-lists are regex-based and case-sensitive, allowing attacker-controlled URLs (e.g., IPv4-mapped IPv6 loopback forms...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/14 3:19 p.m.7 views

CVE-2026-42596 Gotenberg: Unauthenticated SSRF via default deny-list bypass in downloadFrom and webhook

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, the default deny-lists used by Gotenberg's downloadFrom feature and webhook feature are bypassable. Because the filter is regex-based and case-sensitive, an unauthenticated attacker can supply URLs such as...

9.4CVSS5.8AI score0.00352EPSS
Exploits1References1
Rows per page
Query Builder