Lucene search
K

75 matches found

CVE
CVE
added 2026/06/26 1:8 p.m.15 views

CVE-2026-57940

CVE-2026-57940 affects HTMLy 3.1.1 and describes an SSRF in the RSS feed import. The vulnerable code path is get_feed() in system/admin/admin.php, which passes user-supplied feed_url directly to file_get_contents() without validation. An authenticated admin can exploit this by supplying a crafted...

2.1CVSS5.8AI score0.00229EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/24 6:10 p.m.5 views

CVE-2026-53944

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

5.8CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.13 views

PT-2026-52068

Name of the Vulnerable Software and Affected Versions Ghost versions 6.0.9 through 6.21.0 Description Ghost is a Node.js content management system. An issue exists where the IP filter designed to prevent external requests from reaching internal services can be bypassed. This is achieved by using ...

5.8CVSS5.8AI score0.00197EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/22 3:39 p.m.35 views

CVE-2026-50168 Angular: URL Parser Differential in @angular/platform-server leading to SSRF Allowlist Bypass

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints an...

8.8CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 4:16 p.m.10 views

CVE-2026-22551

In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitrary external URLs without restriction. Combined with prompt injection in a malicious workspace, an attacker could induce the AI agent to construct image URLs...

6.7CVSS0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/18 2:32 p.m.9 views

EUVD-2026-37900

In Eclipse Theia versions prior to 1.71.0, the AI chat rendered Markdown image tags from AI responses, triggering HTTP requests to arbitrary external URLs without restriction. Combined with prompt injection in a malicious workspace, an attacker could induce the AI agent to construct image URLs...

6.7CVSS5.4AI score0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 2:32 p.m.19 views

CVE-2026-22551

Eclipse Theia versions before 1.71.0 are affected: the AI chat could render Markdown image tags from AI responses, causing HTTP requests to arbitrary external URLs. In combination with a malicious workspace via prompt injection, an attacker could coax the AI agent to construct image URLs that lea...

6.7CVSS5.5AI score0.00181EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 8:15 p.m.22 views

LobeHub: Unauthenticated SSRF in `/webapi/proxy`

Unauthenticated SSRF in /webapi/proxy allows anyone to proxy requests and inject cookies on lobehub.com Summary The /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST body and fetches it server-side without any authentication. This is the same proxy code that was vulnerable in...

9CVSS8.4AI score0.52683EPSS
Exploits2References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.19 views

PT-2026-48497

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS5.4AI score0.00198EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/08 12:51 p.m.13 views

GeoNode contains a server-side request forgery vulnerability in the service registration endpoint

GeoNode versions 4.4.5 and 5.0.2 and prior within their respective releases contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound network requests to arbitrary URLs by submitting a crafted service URL durin...

6.3CVSS5.6AI score0.00172EPSS
Exploits0References6Affected Software1
Ubuntu
Ubuntu
added 2026/06/04 1:59 p.m.13 views

USN-8385-1: Robocode vulnerabilities

It was discovered that Robocode could be tricked into making network requests to attacker-controlled systems. An attacker could possibly use this issue to cause external service interaction, resulting in information disclosure. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...

10CVSS5.8AI score0.02226EPSS
Exploits0
Snyk
Snyk
added 2026/05/29 5:16 p.m.7 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via host resolution in the CLI authentication layer. An attacker can obtain authentication tokens intended for GitHub or GitHub Enterprise by causing authenticated requests to be sent to external hosts, as the ho...

9.1CVSS5.4AI score0.00289EPSS
Exploits0References2
OSV
OSV
added 2026/05/23 12:12 a.m.7 views

GHSA-GGXF-37HM-9WQF instagrapi: Unsafe signup challenge path handling in instagrapi

instagrapi versions before 2.6.9 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intende...

6.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/23 12:11 a.m.5 views

GHSA-JH37-X3FV-4X72 aiograpi: Unsafe signup challenge path handling

aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intended...

6.5CVSS5.8AI score0.00195EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/23 12:11 a.m.7 views

Server-side Request Forgery (SSRF)

Overview aiograpi is an Asynchronous Instagram Private API wrapper Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the signup challenge path handling process. An attacker can access sensitive information by supplying a malicious challenge payload that caus...

7.1CVSS5.8AI score0.00195EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.14 views

PT-2026-42861

Name of the Vulnerable Software and Affected Versions aiograpi versions prior to 0.9.10 Description The software accepts server-supplied signup challenge paths and uses them to construct request URLs without first validating that the paths are relative Instagram API paths. If an attacker influenc...

6.5CVSS5.4AI score0.00195EPSS
Exploits0References9
OSV
OSV
added 2026/05/11 6:31 p.m.5 views

GHSA-65H7-C7C4-MGHX MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability

A Server-Side Request Forgery SSRF vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...

7.1CVSS6AI score0.00288EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.14 views

PT-2026-39328

Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.18 Description The JSX renderer escapes style attribute object values for HTML but not for CSS. When untrusted input is interpolated into a JSX style object and rendered server-side, characters that act as CSS...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References170
Vulnrichment
Vulnrichment
added 2026/04/24 12:14 a.m.3 views

CVE-2026-31955 Xibo CMS has Authenticated Server-Side Request Forgery (SSRF) in Remote DataSet Functionality

Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 4.4.1 allows users with DataSet permissions to make arbitrary HTTP requests from the CMS...

4.9CVSS5.6AI score0.00282EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 9:13 p.m.27 views

CVE-2026-41170 Squidex has SSRF via Backup Restore Endpoint — Admin-Controlled URL Download Allows Internal and External Requests

Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the RestoreController.PostRestoreJob endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" HttpClient...

8.5CVSS0.00238EPSS
Exploits0References2
Rows per page
Query Builder