2 matches found
PT-2026-47080
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The 'connection-test' endpoint opens a raw TCP socket to a user-supplied database host without resolving or range-checking the destination. This allows private and link-local addresses, including...
Server Side Request Forgery (SSRF)
mobsf is vulnerable to Server Side Request Forgery SSRF Abuse. The vulnerability is due to socket.gethostbyname not properly handling DNS rebinding, allows attackers to exploit DNS resolutions and make requests to internal services...