Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/29 7:32 p.m.11 views

CVE-2026-44285

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/29 7:32 p.m.25 views

CVE-2026-44285

FastGPT is affected by an SSRF flaw in the dataset preview API. Before 4.15.0-beta1, an authenticated attacker could bypass isInternalAddress protection and reach internal services by abusing /api/core/dataset/file/getPreviewChunks with the externalFile data import type. The issue is resolved in ...

7.7CVSS5.9AI score0.00263EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.4 views

Disable the Source Packet Routing

In a network, source routing allows the sender to specify some or all routes for data packets to pass through the network. In regular routing, routers in the network determine the path based on the destination of the data packets. If a large number of packets are tampered with and pass through th...

6.8AI score
Exploits0References4
CVE
CVE
added 2021/06/08 2:59 p.m.174 views

CVE-2021-22214

GitLab CE/EE 10.5+ is affected by a server-side request forgery when requests to the internal network for webhooks are enabled. The SSRF can be exploited by an unauthenticated attacker on instances with limited registration. The issue spans multiple CVEs and has been addressed in patches across s...

8.6CVSS8.2AI score0.27806EPSS
In wildExploits1References3Affected Software1
Rows per page
Query Builder