CVE-2026-48858 ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks

Server-Side Request Forgery SSRF vulnerability in Erlang/OTP ftp ftpinternal module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftpinternal:handlectrlresult/2 PASV handler mode=passive, ipfamily=inet, ftpextension=false extracts the IP address from the...

Erlang/OTP -- FTP passive-mode client does not validate server response IP

https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passive mode did not validate the IP address returned in the server's response, allowing a compromised or malicious server to redirect the data connection to an arbitrary host. This enables server-sid...

CVE-2026-42965

A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN Fully Qualified Domain Name EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud...

CVE-2026-45310

CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetchurl tool validates the initial URL's resolved IP address against a restricted-IP blocklist isrestrictedip to prevent SSRF attacks against internal services cloud metadata endpoints, localhost, private networks...

CodeWhale 代码问题漏洞

CodeWhale is a terminal coding tool developed by Hunter Bown. Versions of CodeWhale prior to 0.8.22 contained code vulnerabilities. These vulnerabilities stemmed from the fetchurl tool’s ability to validate the IP address of the initial URL. However, the HTTP client was configured to follow...

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validateipv4address, and validateipv46address did not prohibit leading zero characters in octal literals. This may allow bypassing access control based on IP addresses. validateipv4address and validateipv46address...

CVE-2026-33234 AutoGPT: SendEmailBlock's IP blocklist bypass allows SSRF via user-controlled SMTP server

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogptplatform/backend/backend/blocks/emailblock.py accepts a user-supplied smtpserver string and smtpport integer as...

CVE-2026-44520 Docling-Graph: SSRF via Missing Internal IP Validation in URLInputHandler

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

Updated perl-Net-CIDR-Lite packages fix security vulnerabilities

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. CVE-2026-45190 Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL...

SUSE CVE-2026-45190

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

CVE-2026-45190 Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass

Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit characters pass the validators but are then re-encoded by the parser to a different address than the inp...

GHSA-FQPH-J6V6-JVGX docling-graph has SSRF via Missing Internal IP Validation in URLInputHandler

Impact The URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the target resolves to a private, loopback, or link-local IP address. The URLValidator only checks for a valid scheme and non-empty netloc, performing no...

PT-2026-38412

Name of the Vulnerable Software and Affected Versions Docling-Graph versions prior to 1.5.1 Description The URLInputHandler class in docling graph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating if the target resolves to a private, loopback, or link-local IP...

LMDeploy has Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

Summary A Server-Side Request Forgery SSRF vulnerability exists in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating internal/private IP addresses, allowing attackers to access cloud metadata services, internal networks, an...

CVE-2026-30232

Chartbrew prior to version 4.8.5 is affected by a Server-Side Request Forgery (SSRF) vulnerability in API data connections. Authenticated users can specify arbitrary URLs and the server fetches them via request-promise without IP address validation, enabling access to internal networks and cloud ...

CVE-2026-34526 SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This...

GHSA-WM7J-M6JM-8797 SillyTavern: Incomplete IP validation in /api/search/visit allows SSRF via localhost and IPv6

Details Distinct from CVE-2025-59159 and CVE-2026-26286 all fixed in v1.16.0. This endpoint is still unpatched. In src/endpoints/search.js line 419, the hostname is checked against /^\d+.\d+.\d+.\d+$/. This only matches literal dotted-quad IPv4 e.g. 127.0.0.1, 10.0.0.1. It does not catch: -...

CVE-2026-33619

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.3 contains a server-side request forgery issue in the optional scheduler's webhook delivery path. When a task is submitted to POST /tasks with a user-controlled callbackUrl, the v0.8.3...

EUVD-2026-16652

WWBN AVideo is an open source video platform. In versions up to and including 26.0, isSSRFSafeURL validates URLs against private/reserved IP ranges before fetching, but urlgetcontents follows HTTP redirects without re-validating the redirect target. An attacker can bypass SSRF protection by...

CVE-2026-33619

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.3 contains a server-side request forgery issue in the optional scheduler's webhook delivery path. When a task is submitted to POST /tasks with a user-controlled callbackUrl, the v0.8.3...