1428 matches found

Nuclei · added yesterday · 19 views

MindsDB - DNS Rebinding SSRF Protection Bypass

Detects DNS rebinding vulnerability that allows bypass of SSRF protection. The vulnerability exists in the URL validation mechanism where DNS resolution is performed without considering DNS rebinding attacks. id: CVE-2024-24759 info: name: MindsDB - DNS Rebinding SSRF Protection Bypass author: Lee...

CVSS 9.3 · AI score 5.8 · EPSS 0.04936
Exploits 1 · References 2
NVD · added 2 days ago · 5 views

CVE-2026-10546

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

CVSS 7.1 · EPSS 0.00145
Exploits 0 · References 1
EUVD · added 2 days ago · 4 views

EUVD-2026-40402

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

CVSS 7.1 · AI score 5.8 · EPSS 0.00145
Exploits 0 · References 1
Cvelist · added 2 days ago · 29 views

CVE-2026-10546 DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

CVSS 7.1 · EPSS 0.00145
Exploits 0 · References 1
CVE · added 2 days ago · 8 views

CVE-2026-10546

IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery SSRF vulnerability in the URL component src/lfx/src/lfx/components/datasource/url.py due to a Time-of-Check/Time-of-Use TOCTOU race condition that can be exploited via DNS rebinding...

CVSS 7.1 · AI score 5.8 · EPSS 0.00145
Exploits 0 · References 1
NVD · added 2 days ago · 11 views

CVE-2026-58169

Vibe-Trading before 0.1.10 contains a DNS rebinding authentication bypass vulnerability that allows remote attackers to bypass bearer-token authentication by exploiting the server's trust of TCP peer addresses for loopback clients combined with missing Host header validation while binding to...

CVSS 7.7 · EPSS 0.00286
Exploits 0 · References 7
CVE · added 2 days ago · 10 views

CVE-2026-58169

CVE-2026-58169 — Vibe-Trading

CVSS 7.7 · AI score 6.4 · EPSS 0.00286
Exploits 0 · References 7
EUVD · added 2 days ago · 4 views

EUVD-2026-40350

Vibe-Trading before 0.1.10 contains a DNS rebinding authentication bypass vulnerability that allows remote attackers to bypass bearer-token authentication by exploiting the server's trust of TCP peer addresses for loopback clients combined with missing Host header validation while binding to...

CVSS 7.7 · AI score 6.4 · EPSS 0.00286
Exploits 0 · References 7
OSV · added 3 days ago · 6 views

PYSEC-2026-520 Ray is vulnerable to Critical RCE via Safari & Firefox Browsers through DNS Rebinding Attack

Summary Developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. Due to the longstanding decision by the Ray Development team to not implement any sort of authentication on critical endpoints, like the /api/jobs &...

CVSS 9.4 · AI score 7 · EPSS 0.00338
Exploits 0 · References 11
CVE · added 6 days ago · 21 views

CVE-2026-54353

Budibase prior to version 3.39.9 is vulnerable to a non-blind SSRF due to a DNS rebinding bypass in the outbound fetch validation flow. Authenticated users with automation permissions can bypass the SSRF blacklist: the hostname is validated against the blacklist, but the socket connection later p...

CVSS 8.5 · AI score 5.8 · EPSS 0.00202
Exploits 1 · References 1 · Affected Software 1
RedhatCVE · added 6 days ago · 6 views

CVE-2026-46611

A vulnerability in the Glances XML-RPC server fails to properly validate HTTP Host headers, enabling DNS rebinding attacks. If a user is tricked into visiting a malicious website, a remote attacker can exploit this flaw to exfiltrate sensitive system monitoring data. Mitigation The XML-RPC server...

CVSS 5.3 · AI score 5.8 · EPSS 0.00156
Exploits 0 · References 5
NVD · added last week · 8 views

CVE-2026-46611

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server glances -s, implemented in glances/server.py does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. An attacker can exploit DNS rebinding to exfiltrate the...

CVSS 5.3 · EPSS 0.00156
Exploits 0 · References 2
Cvelist · added last week · 19 views

CVE-2026-46611 Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server glances -s, implemented in glances/server.py does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. An attacker can exploit DNS rebinding to exfiltrate the...

CVSS 5.3 · EPSS 0.00156
Exploits 0 · References 2
Cvelist · added 2026/06/24 6:09 p.m. · 26 views

CVE-2026-53945 Ghost: Server-side request forgery via DNS rebinding in external request handling

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, Ghost’s private-IP check for outbound HTTP requests could be bypassed via DNS rebinding, allowing an attacker to coerce the Ghost server into reaching hosts on internal networks through features that issue external fetches. Th...

CVSS 4 · EPSS 0.0014
Exploits 0 · References 1
IBM Security Bulletins · added 2026/06/23 4:08 p.m. · 3 views

Security Bulletin: DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component

Summary Langflow OSS contains DNS rebinding TOCTOU vulnerability bypassing SSRF protection. URL component validates URLs with validateurlforssrf but fetches via RecursiveUrlLoader performing independent DNS resolution, creating exploitable TOCTOU window. Maintainers fixed identical issue in...

CVSS 7.1 · AI score 5.8 · EPSS 0.00145
Exploits 0 · Affected Software 1
Github Security Blog · added 2026/06/22 9:31 p.m. · 6 views

Glances: XML-RPC Server Missing Host Header Validation Enables DNS Rebinding Attack

Summary The Glances XML-RPC server glances -s, implemented in glances/server.py does not validate the HTTP Host header, leaving it vulnerable to DNS rebinding attacks. CVE-2026-32632 patched in 4.5.2 added TrustedHostMiddleware to the REST/WebUI server; the MCP server has had equivalent protectio...

CVSS 5.3 · AI score 6.1 · EPSS 0.00156
Exploits 0 · References 3 · Affected Software 1
AstraLinux · added 2026/06/19 11:10 a.m. · 5 views

Astra Linux – Vulnerability in Firefox

Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS using DNS rebinding. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...

CVSS 8.1 · AI score 7.7 · EPSS 0.0042
Exploits 0 · References 2
AstraLinux · added 2026/06/19 11:10 a.m. · 6 views

Astra Linux – Vulnerability in GUPNP

A vulnerability was discovered in GUPnP before versions 1.0.7, 1.1.x, and 1.2.x, as well as before version 1.2.5. This vulnerability allows for DNS rebinding. A remote web server can exploit this vulnerability to trick the victim’s browser into performing actions against local UPnP services...

CVSS 8.1 · AI score 7.7 · EPSS 0.01084
Exploits 0 · References 2
OSV · added 2026/06/18 1:52 p.m. · 3 views

GHSA-VMF9-XX9W-86WX PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools

PraisonAI ToolsMCPServer legacy SSE transport accepts attacker Host/Origin and exposes registered tools Summary praisonaiagents.mcp.ToolsMCPServer.runsse builds a Starlette MCP HTTP+SSE server around mcp.server.sse.SseServerTransport. The server exposes /sse and /messages/, but it does not valida...

CVSS 8.3 · AI score 5.6
Exploits 0 · References 2
Github Security Blog · added 2026/06/18 1:01 p.m. · 8 views

ZITADEL: Server-Side Request Forgery (SSRF) and Denylist Bypass in Outgoing HTTP Components

Summary A Server-Side Request Forgery SSRF vulnerability was discovered in Zitadel affecting: HTTP Notification Channels: Used as an alternative to SMTP/Twilio configurations, sending payloads to user-defined URLs via HTTP POST webhooks. OIDC BackChannel Logout: Terminates sessions across differe...

AI score 6.1
Exploits 0 · References 4 · Affected Software 1