CVE-2026-42194 Incomplete fix for CVE-2026-32812: SSRF in admidio

Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetchmetadata.php validates the resolved IP address but passes the original hostname-based URL to curlinit, leaving a DNS rebinding TOCTOU window that allows redirecting requests to...

CVE-2026-42404

A flaw was found in Apache Neethi. When an application explicitly calls the PolicyReference API to retrieve a policy from a remote Uniform Resource Identifier URI, Apache Neethi does not impose restrictions on the URI. This allows a remote attacker to cause the application to make outbound reques...

CVE-2026-25492

Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...

PT-2026-3248

Name of the Vulnerable Software and Affected Versions TheLibrarian affected versions not specified Description The Librarian software has an internal port scanning issue stemming from the web fetch tool. This tool allows for Server-Side Request Forgery SSRF-style behavior, enabling GET requests t...

Splunk Enterprise 9.2.0 < 9.2.10, 9.3.0 < 9.3.8, 9.4.0 < 9.4.6, 10.0 < 10.0.1 (SVD-2025-1207)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1207 advisory. - In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4,...

CVE-2025-49545

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of URLs. Exploitation...

CVE-2025-49551

CVE-2025-49551 affects Adobe ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier. The issue is described as Use of Hard-coded Credentials, enabling privilege escalation with unauthorized access to sensitive systems/data. Exploitation reportedly requires no user interaction and is limited to ...

CVE-2025-49546 ColdFusion | Improper Access Control (CWE-284)

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to a partial application denial-of-service. A high-privileged attacker could exploit this vulnerability to partially disrupt the availability of the application...

CVE-2025-49540 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79)

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...

CVE-2022-30494

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...

CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...

CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...

PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. Work around: We strongly recommend customers to ensure access to your management interface is...

CVE-2024-0759

Should an instance of AnythingLLM be hosted on an internal network and the attacked be explicitly granted a permission level of manager or admin, they could link-scrape internally resolving IPs of other services that are on the same network as AnythingLLM. This would require the attacker also be...

CVE-2024-0759 Collection of internally resolving IPs

Should an instance of AnythingLLM be hosted on an internal network and the attacked be explicitly granted a permission level of manager or admin, they could link-scrape internally resolving IPs of other services that are on the same network as AnythingLLM. This would require the attacker also be...

CVE-2023-6578

A vulnerability classified as critical has been found in Software AG WebMethods 10.11.x/10.15.x. Affected is an unknown function of the file wm.server/connect/. The manipulation leads to improper access controls. It is possible to launch the attack remotely. To access a file like /assets/ a popup...

SafeURL-Python's hostname blocklist does not block FQDNs

Description If a hostname was blacklisted, it was possible to bypass the blacklist by requesting the FQDN of the host e.g. adding . to the end. Impact The main purpose of this library is to block requests to internal/private IPs and these cannot be bypassed using this finding. But if a library us...

Automotive Shop Management System Cross-Site Scripting Vulnerability

Automotive Shop Management System is an automotive shop management system. Automotive Shop Management System v1.0 is vulnerable to cross-site scripting, which can be exploited by attackers to gain administrator privileges and view internal IPs...

CVE-2022-30494

In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...