220 matches found
draw.io < 18.0.5 - Server Side Request Forgery (SSRF)
Server-Side Request Forgery (SSRF) vulnerability in draw.io, also known as diagrams.net, prior to version 18.0.5 allows attackers to bypass URL validation restrictions in the ProxyServlet component. The vulnerability exists because the application does not properly validate URLs passed to its proxy...
Drawio <18.1.2 - Server-Side Request Forgery
Drawio before 18.1.2 is susceptible to server-side request forgery via the /service endpoint in jgraph/drawio. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-1815 info: nam...
Drawio <18.0.4 - Server-Side Request Forgery
Drawio prior to 18.0.4 is vulnerable to server-side request forgery. An attacker can make a request as the server and read its contents. This can lead to a leak of sensitive information. id: CVE-2022-1713 info: name: Drawio 18.0.4 - Server-Side Request Forgery author: pikpikcu severity: high...
CVE-2026-40608 Next AI Draw.io: Unbounded HTTP Body — Denial of Service
Next AI Draw.io is a Next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers /api/state, /api/restore, and /api/history-svg that process incoming requests by accumulating the entire request body into a...
CVE-2026-40608
CVE-2026-40608 affects Next AI Draw.io (a Next.js app). Before version 0.4.15, the embedded HTTP sidecar’s three POST handlers (/api/state, /api/restore, /api/history-svg) accumulate entire request bodies into a JavaScript string without size limits. Node.js buffers the full payload in the V8 hea...
PT-2026-33689
Next AI Draw.io is a Next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers /api/state, /api/restore, and /api/history-svg that process incoming requests by accumulating the entire request body into a...
EUVD-2022-42565
Malicious code in bioql PyPI...
EUVD-2023-44065
Malicious code in bioql PyPI...
EUVD-2022-25064
Malicious code in bioql PyPI...
EUVD-2022-42636
Malicious code in bioql PyPI...
EUVD-2022-42496
Malicious code in bioql PyPI...
EUVD-2022-25008
Malicious code in bioql PyPI...
EUVD-2022-25004
Malicious code in bioql PyPI...
EUVD-2022-25005
Malicious code in bioql PyPI...
EUVD-2022-43210
Malicious code in bioql PyPI...
EUVD-2023-44600
Malicious code in bioql PyPI...
EUVD-2023-43718
Malicious code in bioql PyPI...
EUVD-2022-42572
Malicious code in bioql PyPI...
EUVD-2022-34320
Malicious code in bioql PyPI...
EUVD-2023-44598
Malicious code in bioql PyPI...