Lucene search
K

21 matches found

NVD
NVD
added 3 days ago9 views

CVE-2026-53450

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS0.00287EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42971

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, coturn rejects loopback peers by default unless allow-loopback-peers is enabled, but the default loopback guard can be bypassed by using the IPv4-mapped IPv6 peer address ::ffff:127.0.0.1 in a TURN...

7.4CVSS6.1AI score0.00287EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/03 10:30 a.m.35 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS0.00297EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/07 4:18 a.m.11 views

CVE-2026-41413

Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhos...

5CVSS5.7AI score0.00329EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/17 11:54 p.m.34 views

CVE-2026-40346 NocoBase has SSRF in Workflow HTTP Request and Custom Request Plugins

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.37, NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An...

6.4CVSS0.00384EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/10 4:59 p.m.4 views

CVE-2026-40160 PraisonAIAgents has SSRF via unvalidated URL in `web_crawl` httpx fallback

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, webcrawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get with followredirects=True and no host validation. An LLM agent tricked into crawling an internal URL can reach cloud metadata endpoints...

7.1CVSS5.8AI score0.00281EPSS
Exploits1References1
CVE
CVE
added 2026/04/09 7:40 p.m.18 views

CVE-2026-35577

CVE-2026-35577 affects Apollo MCP Server (GraphQL/MCP) prior to v1.7.0 where Host header validation was missing for HTTP StreamableHTTP transport. This could allow a local user running the MCP server on localhost to be influenced by a malicious site via DNS rebinding, bypassing same-origin policy...

8.1CVSS5.9AI score0.00182EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/06 11:24 p.m.7 views

SUSE CVE-2026-33990

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

9.1CVSS5.9AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 2026/04/01 5:28 p.m.8 views

UBUNTU-CVE-2026-33990

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

9.1CVSS5.9AI score0.00253EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/01 4:17 p.m.2 views

CVE-2026-33990

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/01 4:17 p.m.3 views

EUVD-2026-17963

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

6.8CVSS5.9AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 4:17 p.m.86 views

CVE-2026-33990

Docker Model Runner (DMR) is affected by an SSRF in the OCI registry token exchange flow prior to version 1.1.25. When pulling a model, DMR uses the realm URL from the registry’s WWW-Authenticate header without validating the scheme, hostname, or IP range, allowing a malicious OCI registry to dir...

9.1CVSS5.9AI score0.00253EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/01 4:17 p.m.11 views

CVE-2026-33990 Docker Model Runner OCI Registry Client Vulnerable to Server-Side Request Forgery (SSRF)

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...

6.8CVSS6AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/02 1:43 p.m.9 views

CVE-2026-28400

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST /engines/configure endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying inference server llama.cpp...

7.5CVSS6.1AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/26 10:34 p.m.7 views

CVE-2026-27730

esm.sh is a no-build content delivery network CDN for web development. Versions up to and including 137 have an SSRF vulnerability CWE-918 in esm.sh’s /https fetch route. The service tries to block localhost/internal targets, but the validation is based on hostname string checks and can be bypass...

8.6CVSS5.5AI score0.00339EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:9 a.m.10 views

CVE-2023-30548

gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...

4.3CVSS6.7AI score0.00882EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.6 views

CVE-2020-11710

An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...

9.8CVSS8.9AI score0.33825EPSS
Exploits0References1
OSV
OSV
added 2023/10/05 4:15 p.m.5 views

CVE-2023-4570

An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were previously thought to be unreachable outside of the node. This affects measurement plug-ins written in Python using versi...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/05 12:0 a.m.6 views

PT-2023-29652

Name of the Vulnerable Software and Affected Versions ni-measurementlink-service versions 1.1.0 and earlier Description An improper access restriction in NI MeasurementLink Python services could allow an attacker on an adjacent network to reach services exposed on localhost. These services were...

8.8CVSS7.1AI score0.00281EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/09/02 12:0 a.m.5 views

Apache OFBiz 代码问题漏洞

Apache OFBiz is an enterprise resource planning ERP system from the Apache Foundation. A code issue vulnerability exists in Apache OFBiz Solr plugin 18.12.05 and earlier, which stems from the default configuration of automatically issuing RMI requests on port 1099 on localhost, which can be...

9.8CVSS7.3AI score0.03716EPSS
Exploits0References3
Rows per page
Query Builder