360 matches found

Source: Positive Technologies, added 2026/03/27 12:00 a.m., 9 views

PT-2026-28586

Name of the Vulnerable Software and Affected Versions: pyLoad versions prior to 0.5.0b3.dev97. Description: pyLoad's download engine accepts arbitrary URLs without validation, enabling Server-Side Request Forgery (SSRF) attacks. An authenticated attacker can exploit this to access internal network...

CVSS 9.3, AI score 6, EPSS 0.00397. Exploits: 1, References: 19
Source: OSV, added 2026/03/11 7:30 p.m., 5 views

CVE-2026-31959 SSRF in Quill via unvalidated URL from Apple notarization log retrieval

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery (SSRF) vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple'...

CVSS 5.3, AI score 5.9, EPSS 0.00097. Exploits: 0, References: 3
Source: CNNVD, added 2026/03/06 12:00 a.m., 8 views

Parse Server security vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that supports Node.js. There were security vulnerabilities in versions of Parse Server prior to 8.6.7 and 9.5.0-alpha.6. These vulnerabilities stemmed from incorrect $regex query...

CVSS 6.9, AI score 5.8, EPSS 0.00336. Exploits: 0, References: 4
Source: RedhatCVE, added 2026/03/01 1:43 a.m., 8 views

CVE-2026-27759

Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations ...

CVSS 5.3, AI score 5.9, EPSS 0.00234. Exploits: 0, References: 1
Source: NVD, added 2026/02/27 11:16 p.m., 12 views

CVE-2026-27759

Featured Image from Content (featured-image-from-content) WordPress plugin versions prior to 1.7 contain an authenticated server-side request forgery vulnerability that allows Author-level users to fetch internal HTTP resources. Attackers can exploit insecure URL fetching and file write operations ...

CVSS 5.3, EPSS 0.00234. Exploits: 0, References: 2
Source: RedhatCVE, added 2026/02/26 10:35 p.m., 6 views

CVE-2025-50180

esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7, AI score 5.4, EPSS 0.00381. Exploits: 1, References: 1
Source: EUVD, added 2026/02/26 9:31 p.m., 6 views

EUVD-2026-8883

SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive...

CVSS 8.7, AI score 5.5, EPSS 0.00468. Exploits: 0, References: 4
Source: Cvelist, added 2026/02/25 3:32 p.m., 20 views

CVE-2025-50180 esm.sh is vulnerable to full-response SSRF

esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7, EPSS 0.00381. Exploits: 1, References: 6
Source: ATTACKERKB, added 2026/02/25 3:32 p.m., 4 views

CVE-2025-50180

esm.sh is a no-build content delivery network (CDN) for web development. In version 136, esm.sh is vulnerable to a full-response SSRF, allowing an attacker to retrieve information from internal websites through the vulnerability. Version 137 fixes the vulnerability...

CVSS 8.7, AI score 5.4, EPSS 0.00381. Exploits: 1, References: 7
Source: CVE, added 2026/02/25 3:32 p.m., 10 views

CVE-2025-50180

CVE-2025-50180 affects esm.sh, a no-build CDN for web development. The NVD entry and Red Hat/OSV entries describe a full-response SSRF vulnerability in version 136 of esm.sh, enabling an attacker to retrieve information from internal websites. The issue is fixed in version 137. Connected document...

CVSS 8.7, AI score 5.4, EPSS 0.00381. Exploits: 1, References: 6, Affected Software: 1
Source: OSV, added 2026/02/25 4:16 a.m., 5 views

CVE-2026-27696 changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs

changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function is_safe_valid_url does not validate the resolved IP address of watch URLs against private,...

CVSS 8.6, AI score 5.7, EPSS 0.00445. Exploits: 1, References: 4
Source: CVE, added 2026/02/25 4:16 a.m., 16 views

CVE-2026-27696

CVE-2026-27696 affects changedetection.io prior to 0.54.1. The SSRF vulnerability arises because is_safe_valid_url() does not validate the resolved IP against private, loopback, or link-local ranges, allowing an authenticated user (or any user when no password is configured by default) to add wat...

CVSS 8.6, AI score 5.5, EPSS 0.00445. Exploits: 1, References: 2, Affected Software: 1
Source: Vulnrichment, added 2026/02/25 4:16 a.m., 4 views

CVE-2026-27696 changedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLs

changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function is_safe_valid_url does not validate the resolved IP address of watch URLs against private,...

CVSS 8.6, AI score 5.5, EPSS 0.00445. Exploits: 1, References: 2
Source: ATTACKERKB, added 2026/02/25 4:16 a.m., 6 views

CVE-2026-27696

changedetection.io is a free open source web page change detection tool. In versions prior to 0.54.1, changedetection.io is vulnerable to Server-Side Request Forgery (SSRF) because the URL validation function is_safe_valid_url does not validate the resolved IP address of watch URLs against private,...

CVSS 8.6, AI score 5.5, EPSS 0.00445. Exploits: 1, References: 3, Affected Software: 1
Source: CNNVD, added 2026/02/25 12:00 a.m., 10 views

changedetection.io security vulnerability

Changedetection.io is a website monitoring and notification application developed by dgtlmoon. Versions of Changedetection.io prior to 0.54.1 contained security vulnerabilities. These vulnerabilities stemmed from the URL validation function, is_safe_valid_url, which did not validate the resolution I...

CVSS 8.6, AI score 5.8, EPSS 0.00445. Exploits: 1, References: 2
Source: CNNVD, added 2026/02/25 12:00 a.m., 7 views

esm.sh code issue vulnerability

esm.sh is an open-source content distribution network developed by esm.sh. Version 136 of esm.sh has a code vulnerability that stems from a full-response server-side request forgery, which may lead to the retrieval of information from internal websites...

CVSS 8.7, AI score 5.8, EPSS 0.00381. Exploits: 1, References: 6
Source: RedhatCVE, added 2026/02/24 10:25 p.m., 11 views

CVE-2026-22568

Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or retrieve unauthorized internal information in rare conditions...

CVSS 5.5, AI score 5.3, EPSS 0.00161. Exploits: 0, References: 1
Source: CNNVD, added 2026/02/24 12:00 a.m., 8 views

WWBN AVideo code issue vulnerability

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 22.0 contained code vulnerabilities. These vulnerabilities stemmed from the aVideoEncoder.json.php API endpoint's acceptance of downloadURL parameters and its ability to retrieve...

CVSS 8.6, AI score 6, EPSS 0.00235. Exploits: 0, References: 3
Source: NVD, added 2026/02/23 5:23 p.m., 11 views

CVE-2026-22568

Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or retrieve unauthorized internal information in rare conditions...

CVSS 5.5, EPSS 0.00161. Exploits: 0, References: 1
Source: NVD, added 2026/02/21 5:17 a.m., 19 views

CVE-2026-27193

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In versions 5.0.39 and below, all HTTP request headers are stored in the session cookie, which is signed but not encrypted, exposing internal proxy/gateway headers to clients. The OAuth servi...

CVSS 8.2, EPSS 0.00354. Exploits: 0, References: 3