3 matches found
PT-2026-30339
Name of the Vulnerable Software and Affected Versions: pyLoad versions 0.5.0b3.dev96 and earlier Description: pyLoad contains a server-side request forgery SSRF vulnerability. The initial fix for CVE-2026-33992 added IP validation to the initial download URL, but HTTP redirects are not validated...
CVE-2026-32857 Firecrawl Playwright Service SSRF Protection Bypass via Missing Post-Redirect Validation
Firecrawl version 2.8.0 and prior contain a server-side request forgery SSRF protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to the initial user-supplied URL and not to subsequent redirect destinations. Attackers can supply an...
PT-2026-28444
Name of the Vulnerable Software and Affected Versions Firecrawl versions 2.8.0 and earlier Description The software contains a server-side request forgery SSRF protection bypass in the Playwright scraping service. The network policy validation is applied only to the initial URL provided by the us...