CVE-2026-9813
FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external reference URL can cause the application server to issue an HTTP HEAD request to an attacker-specifi...
genie security vulnerability
Genie is a CLI tool developed by Automagik that automatically converts sentence-based requests into complete pull requests. Version 2.5.27 of Genie has a security vulnerability. This vulnerability stems from command injection in the viewtask parameter of the readTranscriptFromCommit function, whi...
GHSA-JVXV-2JJP-JXC3 Lemmy has unauthenticated SSRF via file_type query parameter injection in image endpoint
Summary The GET /api/v4/image/filename endpoint is vulnerable to unauthenticated SSRF through parameter injection in the filetype query parameter. An attacker can inject arbitrary query parameters into the internal request to pict-rs, including the proxy parameter which causes pict-rs to fetch...
EUVD-2025-28214
Malicious code in bioql PyPI...
CVE-2025-27388
CVE-2025-27388 describes an issue where loading arbitrary external URLs through WebView components can inject malicious JavaScript to steal user tokens. The initial entry notes high impact (CVSS 4.0 base score 8.3) with NETWORK attack vector and high confidentiality impact. Connected documents co...
springframework: URL Parsing with Host Validation
A vulnerability was found in Spring Framework. Affected versions of this package are vulnerable to an Open Redirect when using UriComponentsBuilder to parse an externally provided URL and perform validation checks on the host of the parsed URL...
Mozilla: Fullscreen notification obscured
The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...
CVE-2021-44599
The id parameter of Online Enrollment Management System 1.0 appears to be vulnerable to SQL injection attacks. A crafted payload injects a SQL sub-query that calls MySQL's LOAD_FILE function with a UNC file path that references a URL on an external domain. The application interacted with...
CVE-2017-9383
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the URL "/port3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal...
Drupal Core double-encoded 'destination' parameter open redirect vulnerability
Drupal is a free and open source content management system developed in PHP. An open redirection vulnerability exists in the Drupal Core double encoding of the 'destination' parameter. The Drupal 6 'drupal_goto' function fails to correctly decode the content of $_REQUEST['destination'] when used,...