CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•7 views

EUVD-2026-34972

7.5CVSS5AI score0.00041EPSS

Vulnrichment•added 5 days ago•4 views

CVE-2026-11437 perfree go-fastdfs-web Installation Endpoint checkServer server-side request forgery

7.5CVSS6.7AI score0.00041EPSS

CVE•added 5 days ago•20 views

CVE-2026-11437

The CVE-2026-11437 entry describes a server-side request forgery in perfree go-fastdfs-web (up to version 1.3.7). The vulnerability affects the Installation Endpoint, specifically the function checkServer in /install/checkServer. An attacker can remotely trigger SSRF by manipulating inputs, with ...

7.5CVSS6.7AI score0.00041EPSS

Cvelist•added 5 days ago•34 views

CVE-2026-11437 perfree go-fastdfs-web Installation Endpoint checkServer server-side request forgery

7.5CVSS0.00041EPSS

Positive Technologies•added 5 days ago•7 views

PT-2026-47159

Name of the Vulnerable Software and Affected Versions perfree go-fastdfs-web versions prior to 1.3.8 Description A flaw in the Installation Endpoint allows for remote server-side request forgery SSRF, which occurs when an attacker can induce the server-side application to make requests to an...

7.5CVSS7.3AI score0.00041EPSS

Exploits0References9

RedhatCVE•added 2026/04/13 7:24 p.m.•2 views

CVE-2026-6105

A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attack may be initiate...

EUVD•added 2026/04/12 12:32 a.m.•1 views

Exploits0References1

EUVD-2026-21684

NVD•added 2026/04/11 10:16 p.m.•0 views

CVE-2026-6105

7.5CVSS0.00054EPSS

ATTACKERKB•added 2026/04/11 10:0 p.m.•1 views

CVE-2026-6105

Exploits0References4Affected Software1

Cvelist•added 2026/04/11 10:0 p.m.•24 views

CVE-2026-6105 perfree go-fastdfs-web doInstall InstallController.java improper authorization

7.5CVSS0.00054EPSS

Vulnrichment•added 2026/04/11 10:0 p.m.•2 views

CVE-2026-6105 perfree go-fastdfs-web doInstall InstallController.java improper authorization

CVE•added 2026/04/11 10:0 p.m.•4 views

CVE-2026-6105

The CVE-2026-6105 entry affects perfree go-fastdfs-web (up to version 1.3.7). The vulnerability concerns the doInstall Interface in the InstallController.java component, where manipulation leads to improper authorization. A remote attacker could exploit this, and public disclosure of the exploit ...

7.5CVSS6.5AI score0.00054EPSS

CNNVD•added 2026/04/11 12:0 a.m.•3 views

go-fastdfs-web 授权问题漏洞

go-fastdfs-web is a web management platform for a distributed file storage system developed by Perfree’s individual developers. Versions of go-fastdfs-web prior to 1.3.7 have vulnerabilities related to authorization. These vulnerabilities stem from improper authorization practices and could lead ...

7.5CVSS7.2AI score0.00054EPSS

Positive Technologies•added 2026/04/11 12:0 a.m.•0 views

PT-2026-32126

RedhatCVE•added 2026/03/26 3:18 p.m.•3 views

CVE-2026-3963

A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component Apache Shiro RememberMe. Performing a manipulation results in use of hard-coded cryptographic key...

6.3CVSS4.9AI score0.00044EPSS

Exploits0References1

EUVD•added 2026/03/12 12:31 a.m.•3 views

EUVD-2026-11485

6.3CVSS5.1AI score0.00044EPSS

NVD•added 2026/03/11 11:16 p.m.•3 views

CVE-2026-3963

6.3CVSS0.00044EPSS