CVE-2026-25960

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. A remote attacker can exploit this Server-Side Request Forgery SSRF bypass vulnerability in the loadfromurlasync method. The flaw occurs because the URL validation and the actual HTTP request handling use...

CVE-2025-36743

CVE-2025-36743 concerns the SolarEdge SE3680H inverter, where an exposed debug/test interface is reachable by unauthenticated actors. Redundant exposure could lead to disclosure of internal system information and execution of debug commands, indicating a potential impact on confidentiality, integ...

CVE-2025-36743 SolarEdge SE3680H - Exposed Debug interface

SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...

PT-2025-50934

SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowing disclosure of system internals and execution of debug commands...

CVE-2025-50234

MCCMS v2.7.0 has an SSRF vulnerability located in the index method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sysauth$pic, 1 function, which utilizes a hard-coded key McEncryptionKey bD2voYwPpNuJ7B8, defined in the...

Linux Kernel Resource Management Error Vulnerability (CNVD-2023-54414)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux Kernel that originates from a corruption of the iscsiswtcpsessioncreate instruction responsible for freeing memory in the SCSI...

CVE-2017-16854

In Open Ticket Request System OTRS through 3.3.20, 4 through 4.0.26, 5 through 5.0.24, and 6 through 6.0.1, an attacker who is logged in as a customer can use the ticket search form to disclose internal article information of their customer tickets...