Lucene search
K

356 matches found

Vulnrichment
Vulnrichment
added 2026/03/02 4:28 p.m.4 views

CVE-2025-64427 ZimaOS is vulnerable to Server-Side Request Forgery (SSRF)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/21 4:9 a.m.28 views

CVE-2026-27193 Feathers exposes internal headers via unencrypted session cookie

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In versions 5.0.39 and below, all HTTP request headers are stored in the session cookie, which is signed but not encrypted, exposing internal proxy/gateway headers to clients. The OAuth servi...

8.2CVSS0.00354EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/18 12:56 a.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the webhooks process. An attacker can access internal network resources and extract sensitive information by submitting crafted webhook URLs that resolve to internal IP addresses, causing the server ...

7.2CVSS5.5AI score0.00061EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/09 8:35 p.m.3 views

Server-side Request Forgery (SSRF)

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in handleUpload, which is exploitable via the saveimagesAsset mutation in the GraphQL API. An attacker can retrieve sensitive internal resources, such as AWS...

6.5CVSS5.6AI score0.00419EPSS
Exploits1References2
OSV
OSV
added 2026/02/09 7:36 p.m.7 views

CVE-2026-25493 Craft has a SSRF in GraphQL Asset Mutation via HTTP Redirect

Craft is a platform for creating digital experiences. In Craft versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveAsset GraphQL mutation validates the initial URL hostname and resolved IP against a blocklist, but Guzzle follows HTTP redirects by default. An attacker can bypa...

6.9CVSS5.7AI score0.00359EPSS
Exploits1References5
NVD
NVD
added 2026/01/16 1:16 p.m.6 views

CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

7.5CVSS0.00373EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/16 12:46 p.m.4 views

CVE-2026-0613 CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

6.5AI score0.00373EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.14 views

CVE-2020-10212

upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...

9.8CVSS6.8AI score0.76511EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.10 views

CVE-2023-25912

The webreport generation feature in the Danfoss AK-EM100 allows an unauthorized actor to generate a web report that discloses sensitive information such as the internal IP address, usernames and internal device values...

5.3CVSS6.5AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.12 views

CVE-2023-49094

Symbolicator is a symbolication service for native stacktraces and minidumps with symbol server support. An attacker could make Symbolicator send arbitrary GET HTTP requests to internal IP addresses by using a specially crafted HTTP endpoint. The response could be reflected to the attacker if the...

4.3CVSS7AI score0.00705EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.7 views

CVE-2021-22169

An issue was identified in GitLab EE 13.4 or later which leaked internal IP address via error messages...

4.3CVSS6.5AI score0.00831EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.16 views

CVE-2024-39699

Directus is a real-time API and App dashboard for managing SQL database content. There was already a reported SSRF vulnerability via file import. It was fixed by resolving all DNS names and checking if the requested IP is an internal IP address. However it is possible to bypass this security...

5CVSS7.3AI score0.00435EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.6 views

CVE-2024-39687

Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has...

7.2CVSS7AI score0.006EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/09 1:14 a.m.272 views

Exploit for CVE-2025-45955

CVE-2025-45955 🕳️ Server-Side Request Forgery in DonWeb Ferozo...

6.8AI score
Exploits1
OSV
OSV
added 2026/01/07 11:24 p.m.5 views

CVE-2026-21859 Mailpit Proxy Endpoint is Vulnerable to Server-Side Request Forgery (SSRF)

Mailpit is an email testing tool and API for developers. Versions 1.28.0 and below have a Server-Side Request Forgery SSRF vulnerability in the /proxy endpoint, allowing attackers to make requests to internal network resources. The /proxy endpoint validates http:// and https:// schemes, but it do...

5.8CVSS6.4AI score0.00755EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.12 views

CVE-2019-16951

A remote file include RFI issue was discovered in Enghouse Web Chat 6.2.284.34. One can replace the localhost attribute with one's own domain name. When the product calls this domain after the POST request is sent, it retrieves an attacker's data and displays it. Also worth mentioning is the amou...

5.3CVSS6.6AI score0.00952EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.7 views

CVE-2025-68437

Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL saveAsset mutation is vulnerable to Server-Side Request Forgery SSRF. This vulnerability arises because the file input, specifically its url parameter,...

5.9CVSS7.1AI score0.00427EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/01/06 5:44 p.m.12 views

Mailpit Proxy Endpoint has Server-Side Request Forgery (SSRF) vulnerability

Summary A Server-Side Request Forgery SSRF vulnerability exists in Mailpit's /proxy endpoint that allows attackers to make requests to internal network resources. Description The /proxy endpoint allows requests to internal network resources. While it validates http:// and https:// schemes, it doe...

5.8CVSS6.9AI score0.00755EPSS
Exploits2References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/12 12:7 p.m.6 views

CVE-2025-46266

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 25.11 for Windows allows malicious actors to coerce the service into transmitting data to an arbitrary internal IP address, potentially leaking sensitive information...

4.3CVSS6.9AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2025/12/11 11:25 a.m.23 views

CVE-2025-46266

CVE-2025-46266 describes a flaw in TeamViewer DEX Client (formerly 1E Client) – Content Distribution Service (NomadBranch.exe) prior to version 25.11 on Windows. The issue allows a malicious actor to coerce the NomadBranch service into transmitting data to an arbitrary internal IP address, potent...

6.5CVSS6.5AI score0.00221EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder