EUVD-2026-35343

Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a server-side request forgery SSRF attack. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18...

PT-2026-47679

The FastPicker, an order picker and order management system oms for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the settingsPage function. This makes i...

PT-2026-47827

A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website...

CVE-2026-9813

FlowIntel up to version 3.3.0 contains a server-side request forgery SSRF vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...

genie 安全漏洞

Genie is a CLI tool developed by Automagik that automatically converts sentence-based requests into complete pull requests. Version 2.5.27 of Genie has a security vulnerability. This vulnerability stems from command injection in the viewtask parameter of the readTranscriptFromCommit function, whi...

PT-2026-38382

Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.31.0 and earlier Description A Server-Side Request Forgery SSRF issue exists in the LibreOffice conversion endpoint "/forms/libreoffice/convert". While some SSRF hardening is present in the Go code, the application passes...

CVE-2026-31878

Frappe is a full-stack web application framework. Prior to 14.100.1, 15.100.0, and 16.6.0, a malicious user could send a crafted request to an endpoint which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 14.100.1, 15.100.0, and 16.6...

Malicious Package

Overview require-in-package is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior The...

Malicious Package

Overview babel-compile-templates is a malicious package. This package was recognized as part of the 'PhantomRaven' supply chain campaign, which involves credential-stealing malware. The package impersonates well-known ecosystem plugins to deceive developers into installing it. Malicious Behavior...

GHSA-JVXV-2JJP-JXC3 Lemmy has unauthenticated SSRF via file_type query parameter injection in image endpoint

Summary The GET /api/v4/image/filename endpoint is vulnerable to unauthenticated SSRF through parameter injection in the filetype query parameter. An attacker can inject arbitrary query parameters into the internal request to pict-rs, including the proxy parameter which causes pict-rs to fetch...

UBUNTU-CVE-2025-3839

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this...

CVE-2019-25290 INIM Electronics Smartliving SmartLAN/G/SI <=6.x Unauthenticated SSRF via GetImage

Smartliving SmartLAN/G/SI =6.x contains an unauthenticated server-side request forgery vulnerability in the GetImage functionality through the 'host' parameter. Attackers can exploit the onvif.cgi endpoint by specifying external domains to bypass firewalls and perform network enumeration through...

CVE-2023-53899

PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation...

Jenkins Nexus Task Runner Plugin vulnerable to cross-site request forgery

Jenkins Nexus Task Runner Plugin 0.9.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this endpoint does not require POST...

langchain-text-splitters 代码问题漏洞

langchain-text-splitters is a Python package open-sourced by LangChain. A code issue vulnerability exists in langchain-text-splitters version 0.3.8, which stems from the HTMLSectionSplitter class allowing the use of arbitrary XSLT stylesheets, which could lead to an XML External Entity Attack,...

EUVD-2025-24672

Malicious code in bioql PyPI...

EUVD-2025-28214

Malicious code in bioql PyPI...

CVE-2025-54551

Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the...

CVE-2025-54551

Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the...

CVE-2025-27388

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens...