3 matches found
PT-2026-42818
TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain an SSRF via Open Redirect Bypass as the HTTP Request block and Code block validate the initial request URL via validateHttpReqUrl to block private IPs and cloud metadata hostnames. However, the HTTP clients ky and fetch follow 3...
PT-2026-27456
Name of the Vulnerable Software and Affected Versions LoLLMs WEBUI affected versions not specified Description LoLLMs WEBUI, the web user interface for Lord of Large Language and Multi modal Systems, contains a Server-Side Request Forgery SSRF issue. An unauthenticated attacker can exploit this t...
CVE-2025-25235
CVE-2025-25235 describes a Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG). The vulnerability affects SEG on Windows prior to 2.32 and SEG on UAG prior to 2503, enabling an attacker to route internal-network traffic (e.g., HTTP requests) through the gateway. The CVSS 3.1 ...