Lucene search
K

28 matches found

Nuclei
Nuclei
added 11 hours ago54 views

EspoCRM <= 9.3.3 - Server-Side Request Forgery

EspoCRM = 9.3.3 contains an authenticated server-side request forgery caused by improper internal-host validation using alternative IPv4 formats in HostCheck::isNotInternalHost, letting authenticated users access internal resources via /api/v1/Attachment/fromImageUrl endpoint. id: CVE-2026-33534...

4.3CVSS6.1AI score0.01978EPSS
Exploits5References2
Snyk
Snyk
added 2026/07/01 11:15 p.m.6 views

Cross-site Scripting (XSS)

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the dynamic image URL generator view within the admin interface. An attacker with a limited-permission editor account can execute arbitrary...

8.5CVSS5.8AI score0.00203EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 8:44 p.m.24 views

CVE-2026-55661

CVE-2026-55661 affects TinaCMS rich-text rendering (Slate JSON) where the url field on Slate link/image nodes was not sanitized, allowing stored XSS via dangerous URL schemes such as javascript: or data:text/html. Affected versions include tinacms/mdx &lt;2.1.7 and tinacms =2.1.7 and tinacms &gt;...

4.8CVSS5.6AI score0.00239EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 6:18 p.m.11 views

CVE-2026-54008

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/openwebui/utils/oauth.py::processpictureurl calls validateurlpictureurl on the initial URL only, then invokes aiohttp.ClientSession.getpictureurl, ... without...

8.5CVSS0.00203EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

BlenderMCP 安全漏洞

BlenderMCP is a 3D modeling control tool developed by ahujasid that connects Blender with AI. BlenderMCP has a security vulnerability, which stems from the operation of the Open function in the file src/blendermcp/server.py regarding the parameter inputimageurl, potentially leading to exploitatio...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References8
CVE
CVE
added 2026/06/01 10:10 a.m.39 views

CVE-2026-49328

CVE-2026-49328 describes a Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet prior to 2.0.2-incubating. The issue allows an attacker to cause outbound network requests to internal or otherwise restricted resources through a user-supplie...

5.3CVSS5.8AI score0.00502EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/01 10:10 a.m.3 views

CVE-2026-49328 Apache Fesod (Incubating): Improper validation of user-supplied URLs leading to SSRF

Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to...

5.3CVSS5.9AI score0.00502EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/15 9:44 p.m.10 views

CVE-2026-45299

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, the profileimageurl field on the user profile update form accepted arbitrary data: URI values without MIME-type validation, resulting in a XSS vulnerability. This vulnerability is...

5.4CVSS5.9AI score0.00199EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/15 9:29 p.m.26 views

CVE-2026-45317

CVE-2026-45317 describes an application-wide CSRF vector in Open WebUI’s image handling prior to 0.9.3. An authenticated user can influence image URL rendering so that viewing a compromised image causes the user’s browser to issue GET requests to an attacker-controlled URL, potentially leaking co...

4.6CVSS5.8AI score0.00165EPSS
Exploits1References1Affected Software1
Snyk
Snyk
added 2026/05/14 8:27 p.m.12 views

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS via the profileimageurl process. An attacker can execute arbitrary JavaScript in the context of another authenticated user's session by crafting a malicious SVG image as their OAuth...

8.5CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2026/04/20 4:15 a.m.33 views

CVE-2026-6604

The CVE-2026-6604 entry affects modelscope agentscope up to version 1.0.18, specifically the Cloud Metadata Endpoint’s _openai_tools.py functions _parse_url, prepare_image, and openai_audio_to_text. The vulnerability arises from manipulating image_url/audio_file_url, enabling server-side request ...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/31 11:28 p.m.12 views

SiYuan: Stored XSS in Attribute View Gallery/Kanban Cover Rendering Allows Arbitrary Command Execution in Desktop Client

Summary An attacker who can place a malicious URL in an Attribute View mAsse field can trigger stored XSS when a victim opens the Gallery or Kanban view with “Cover From - Asset Field” enabled. The vulnerable code accepts arbitrary https URLs without extensions as images, stores the...

9CVSS6.7AI score0.00489EPSS
Exploits1References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/02/11 2:23 p.m.10 views

LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages

Server-Side Request Forgery SSRF in ChatOpenAI Image Token Counting Summary The ChatOpenAI.getnumtokensfrommessages method fetches arbitrary imageurl values without validation when computing token counts for vision-enabled models. This allows attackers to trigger Server-Side Request Forgery SSRF...

3.7CVSS5.9AI score0.00379EPSS
Exploits0References5Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2025/11/18 12:0 a.m.10 views

VulnCheck KEV: CVE-2020-26948

Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ImageURL parameter...

9.8CVSS5.8AI score0.87154EPSS
In wildExploits4References80
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-4753

Malware in sbrugna...

7.8CVSS7.7AI score0.01215EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-3620

Malware in sbrugna...

6.5CVSS6.6AI score0.00168EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/08 6:32 p.m.3 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the coverImageURL. An attacker can execute arbitrary JavaScript in the context of a user's browser by injecting malicious scripts via crafted requests. Details Cross-site scripting or XSS is a code...

6.9CVSS5.5AI score0.00588EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/25 12:7 p.m.5 views

WordPress AGCA – Custom Dashboard & Login Page plugin < 7.2.2 - Admin+ Stored XSS via Image URL vulnerability

Admin+ Stored XSS via Image URL vulnerability discovered by Dikshita Trivedi Cybersecdexter in WordPress Plugin Absolutely Glamorous Custom Admin versions 7.2.2...

6.8CVSS6AI score0.00548EPSS
Exploits2References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/02 4:15 p.m.9 views

CVE-2022-1282

The Photo Gallery by 10Web WordPress plugin before 1.6.3 does not properly sanitize the $GET'imageurl' variable, which is reflected back to the users when executing the editimagebwg AJAX action...

6.1CVSS6.3AI score0.00847EPSS
Exploits2References3
OSV
OSV
added 2021/12/08 10:15 p.m.3 views

CVE-2021-43532

The 'Copy Image Link' context menu action would copy the final image URL after redirects. By embedding an image that triggered authentication flows - in conjunction with a Content Security Policy that stopped a redirection chain in the middle - the final image URL could be one that contained an...

6.1CVSS6.6AI score0.00528EPSS
Exploits0References2
Rows per page
Query Builder