Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded yesterday4 views

CVE-2026-11424

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS
Exploits0References1
CVE
CVEadded yesterday15 views

CVE-2026-11424

CVE-2026-11424: SSRF in a GraphQL service shared by Altium Enterprise Server and Altium 365. An authenticated user can submit input treated as a URL, causing the server to perform an outbound HTTP GET without URL validation or destination filtering, and return the response body. This enables acce...

8.3CVSS5.3AI score
Exploits0References1
Cvelist
Cvelistadded yesterday17 views

CVE-2026-11424 Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded yesterday4 views

CVE-2026-11424

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS5.3AI score
Exploits0References2
Positive Technologies
Positive Technologiesadded yesterday7 views

PT-2026-47056

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS5.3AI score
Exploits0References2
CVE
CVEadded 2026/01/19 6:2 p.m.9 views

CVE-2026-1170

The CVE-2026-1170 affects birkir prime before 0.4.0.beta.0, specifically the GraphQL API’s /graphql processing. Technical details in connected sources show that manipulating the GraphQL file can disclose information remotely. Public exploit activity is indicated, and multiple risk datasets (inclu...

6.9CVSS5.3AI score0.0006EPSS
Exploits1References5Affected Software1
CNNVD
CNNVDadded 2023/03/31 12:0 a.m.1 views

VTEX apps-graphql 安全漏洞

VTEX apps-graphql is a graphql API module for VTEX IO applications from VTEX UK. A security vulnerability exists in the VTEX [email protected] GraphQL API module that stems from not properly restricting unauthorized access to private configuration data...

7.5CVSS7.3AI score0.00317EPSS
Exploits0References2
Rows per page
Query Builder