Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/23 12:13 p.m.40 views

CVE-2026-56275 Flowise - Server-Side Request Forgery via Execute Flow Base URL

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS0.00183EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/23 12:13 p.m.9 views

EUVD-2026-38435

Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to bypass security validation by providing intranet addresses through the base URL field. Attackers can initiate HTTP requests to internal network addresses, access cloud...

6CVSS5.9AI score0.00183EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51508

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description A server-side request forgery SSRF issue exists in the Execute Flow node. This occurs due to missing secureFetch verification in httpSecurity.ts, allowing attackers to bypass security validation by...

7.1CVSS5.8AI score0.00183EPSS
Exploits1References8
Huntr
Huntr
added 2022/04/10 2:30 p.m.55 views

URL Restriction Bypass

Description The validation of URLs contains flaws that allow bypassing security restrictions that are applied in the security profiles of PlantUML. There are two different flaws through which validation mechanisms can be circumvented. In the examples images are loaded to showcase the bypass...

6.4CVSS0.1AI score0.01547EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2020/06/15 12:0 a.m.6 views

May 29, 2019—KB4497935 (OS Build 18362.145)

May 29, 2019—KB4497935 OS Build 18362.145 Improvements and fixes This update includes quality improvements. Key changes include: Addresses an issue in which Device-S4 may be applied unexpectedly while the system is using AC power. For more information, see Device-S4 may be applied unexpectedly...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/02/22 12:0 a.m.1 views

iDashboards Information Disclosure Vulnerability

iDashboards is a data visualization solution that transforms your data reports into interactive business intelligence dashboards. An information disclosure vulnerability exists in iDashboards 9.6b. A remote attacker can exploit this vulnerability to obtain sensitive information such as intranet I...

7.5CVSS6.3AI score0.01489EPSS
Exploits1References1
Rows per page
Query Builder