123 matches found
CVE-2026-45660
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.22 and 6.18.1, the Glide image proxy's URL validation could be bypassed using an IP representation that wasn't normalized before the public-IP check. An unauthenticated user could cause the server to make HTTP...
CVE-2026-10107
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
CVE-2026-45660
Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.22 and 6.18.1, the Glide image proxy's URL validation could be bypassed using an IP representation that wasn't normalized before the public-IP check. An unauthenticated user could cause the server to make HTTP...
CVE-2026-10107
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
CVE-2026-10107 MoviePilot v2 SSRF via /api/v1/system/img/{proxy} Endpoint
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
CVE-2026-10107
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
CVE-2026-10107 MoviePilot v2 SSRF via /api/v1/system/img/{proxy} Endpoint
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
CVE-2026-10107
MoviePilot v2 is affected by an SSRF flaw in the image proxy endpoint /api/v1/system/img/{proxy}. Authentication is required, and an attacker can supply a resource_token cookie and a URL whose domain matches the allowlist to fetch arbitrary URLs. The root cause is that Safe URL checking (Security...
EUVD-2026-33364
MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resourcetoken cookie and a URL whose domain matches the assembled allowlist. Attackers can bypass internal network protection...
MoviePilot 安全漏洞
MoviePilot is an automated film resource management tool developed by jxxghp. Version 2 of MoviePilot has a security vulnerability. This vulnerability stems from a server-side request forgery in the image proxy endpoint, which may allow authenticated attackers to request arbitrary URLs and...
PT-2026-44923
Name of the Vulnerable Software and Affected Versions MoviePilot version v2 Description An issue exists in the image proxy endpoint '/api/v1/system/img/proxy' that allows authenticated attackers to request arbitrary URLs. By providing a resource token cookie and a URL with a domain that matches t...
PT-2026-41695
Name of the Vulnerable Software and Affected Versions Statamic versions prior to 5.73.22 Statamic versions prior to 6.18.1 Description The Glide image proxy contains a flaw where URL validation can be bypassed using an IP representation that is not normalized before the public-IP check. This allo...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the image proxy process. An attacker can cause a denial of service on client systems by serving malicious SVG files from an attacker-controlled origin with a misleading Content-Ty...
CVE-2026-4054 SVG content served through Mattermost image proxy despite Content-Type restrictions causes client-side denial of service
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header e.g. image/png...
CVE-2026-4054 SVG content served through Mattermost image proxy despite Content-Type restrictions causes client-side denial of service
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to validate the response body of proxied images, which allows a remote attacker to enact client-side DoS via an SVG file served from an attacker-controlled origin under a non-SVG Content-Type header e.g. image/png...
CVE-2026-31804
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /pmsimageproxy endpoint accepts a user-supplied img parameter and forwards it to Plex Media Server's /photo/:/ transcode transcoder without authentication and without restricting the scheme...
CVE-2026-31804
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /pmsimageproxy endpoint accepts a user-supplied img parameter and forwards it to Plex Media Server's /photo/:/ transcode transcoder without authentication and without restricting the scheme...
CVE-2026-31804 Tautulli: Unauthenticated pms_image_proxy endpoint proxies arbitrary HTTP requests through the Plex Media Server
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /pmsimageproxy endpoint accepts a user-supplied img parameter and forwards it to Plex Media Server's /photo/:/ transcode transcoder without authentication and without restricting the scheme...
CVE-2026-31804 Tautulli: Unauthenticated pms_image_proxy endpoint proxies arbitrary HTTP requests through the Plex Media Server
Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Prior to version 2.17.0, the /pmsimageproxy endpoint accepts a user-supplied img parameter and forwards it to Plex Media Server's /photo/:/ transcode transcoder without authentication and without restricting the scheme...
CVE-2026-31804
CVE-2026-31804 affects Tautulli (Python-based Plex monitor) before version 2.17.0. The vulnerable /pms_image_proxy endpoint accepts a user-controlled img parameter and forwards it to Plex Media Server’s /photo/:/ transcode transcoder without authentication or host/scheme restrictions. Because web...