Lucene search
K

5 matches found

CVE
CVE
added 2026/06/22 9:4 p.m.10 views

CVE-2026-56266

CVE-2026-56266 affects Crawl4AI prior to 0.8.7. The vulnerability is a server-side request forgery in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user‑supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6‑mappe...

9.2CVSS6AI score0.00276EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/12 6:17 p.m.19 views

CVE-2026-43929

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

8.2CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 5:49 p.m.30 views

CVE-2026-43929 ssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

8.2CVSS0.00226EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/10/30 1:33 a.m.3 views

golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...

9.8CVSS7.2AI score0.01952EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/22 12:2 p.m.5 views

golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

A flaw was found in the Go language standard library net/netip. The method Is IsPrivate, IsPublic, etc doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to...

9.8CVSS7.2AI score0.01952EPSS
Exploits0References4
Rows per page
Query Builder