LMDeploy has Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

Summary A Server-Side Request Forgery SSRF vulnerability exists in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, an...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the loadimage and encodeimagebase64 functions in LMDeploy's vision-language module, which fetch URLs without validating whether the destination is an internal or private address. An attacker can acce...

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

EUVD-2026-18348

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

HmEditor 代码问题漏洞

HmEditor is an intelligent medical electronic health record editor developed under open source by huimeicloud. Versions of HmEditor 2.2.3 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter url in the client.get function of the...

GHSA-VM2F-46XC-5JC3 AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64

AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function encodeimagebs64. Since the encodeimagebs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimac...

CVE-2025-57697

AstrBot Project v3.5.22 contains an arbitrary file read vulnerability in the _encode_image_bs64 function (entities.py), where the function opens a user-provided image path and returns its content base64-encoded without validating the path. This path-traversal/unsafe file read leads to potential s...

MAL-2025-38676 Malicious code in vue3-image-base64 (npm)

The package vue3-image-base64 was found to contain malicious code...

Malicious code in vue3-image-base64 (npm)

The package vue3-image-base64 was found to contain malicious code...

PT-2024-37983 · Zhongbangkeji · Crmeb

Name of the Vulnerable Software and Affected Versions: ZhongBangKeJi CRMEB versions up to 5.4.0 Description: A critical issue was found in the function get image base64 of the file PublicController.php. The manipulation of the argument file leads to deserialization. This issue can be exploited...

PT-2024-21039 · 74Cms · 74Cms

Name of the Vulnerable Software and Affected Versions: 74CMS version 3.28.0 Description: A critical issue has been found in the function sendCompanyLogo of the file /controller/company/Index.phpsendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads...

PT-2023-23732 · Zhong Bang · Zhong Bang Crmeb

Name of the Vulnerable Software and Affected Versions: Zhong Bang CRMEB versions up to 4.6.0 Description: A critical issue has been found, affecting the get image base64 function of the file api/controller/v1/PublicController.php. This leads to server-side request forgery and can be launched...