CVE-2026-46561

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the PREREQFUNCTION-based private IP check was not applied to HTTPRequest used by the parseurls API. An authenticated attacker can supply a URL pointing to an attacker-controlled server that responds with...

GHSA-Q4X5-8CJ6-52WG Sync-in Server: SSRF protection bypass via IPv4-mapped IPv6 addresses in regExpPrivateIP

Summary: The private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses e.g. ::ffff:127.0.0.1, allowing SSRF protection to be bypassed on dual-stack systems. Affected components backend/src/applications/files/services/files-manager.service.ts –...

CVE-2026-46561 pyLoad: SSRF via HTTP Redirect Bypass in parse_urls API

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the PREREQFUNCTION-based private IP check was not applied to HTTPRequest used by the parseurls API. An authenticated attacker can supply a URL pointing to an attacker-controlled server that responds with...

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev100 contained security vulnerabilities. These vulnerabilities stemmed from the lack of private IP checks based on PREREQFUNCTION being applied to HTTPRequests. Attackers could bypass the isglobalho...

EUVD-2026-32586

Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...

pyload-ng: SSRF via HTTP Redirect Bypass in parse_urls API

Summary The SSRF mitigation added in commit 33c55da for GHSA-7gvf-3w72-p2pg is incomplete. The PREREQFUNCTION-based private IP check was correctly applied to HTTPChunk download path but not to HTTPRequest used by the parseurls API. An authenticated attacker can supply a URL pointing to an...

GHSA-8RP3-XC6W-5QP5 pyload-ng: SSRF via HTTP Redirect Bypass in parse_urls API

Summary The SSRF mitigation added in commit 33c55da for GHSA-7gvf-3w72-p2pg is incomplete. The PREREQFUNCTION-based private IP check was correctly applied to HTTPChunk download path but not to HTTPRequest used by the parseurls API. An authenticated attacker can supply a URL pointing to an...

PT-2026-42698

Summary When an application using Pydantic AI opts a URL into force download='allow-local' which disables the default block on private/internal IPs, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form IPv4-mapped IPv6, 6to4, or NAT64. Dual-stack a...

PT-2026-42682

Name of the Vulnerable Software and Affected Versions pyLoad versions prior to 0.5.0b3.dev100 Description An authenticated attacker can perform Server-Side Request Forgery SSRF by supplying a URL to the 'parse urls' API endpoint that points to a server under their control. This server can respond...

PT-2026-42607

Summary The SSRF mitigation added in commit 33c55da for GHSA-7gvf-3w72-p2pg is incomplete. The PREREQFUNCTION-based private IP check was correctly applied to HTTPChunk download path but not to HTTPRequest used by the parse urls API. An authenticated attacker can supply a URL pointing to an...

Server-Side Request Forgery

github.com/quantumnous/new-api, is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to incomplete SSRF protection that fails to block the unspecified address 0.0.0.0, allowing authenticated users to bypass private-IP filtering and force the server to make requests to...

CVE-2026-45401 Open WebUI: SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the validateurl function in backend/openwebui/retrieval/web/utils.py only validates the initial URL submitted by the caller. The HTTP clients used downstream sync requests, async...

Server-side Request Forgery (SSRF)

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the processUrlFile function. An attacker can access internal network resources and sensitive cloud metadata by supplying crafted URLs that target internal or...

CVE-2026-44520

Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class in doclinggraph/core/input/handlers.py makes HTTP requests to user-supplied URLs without validating whether the...

CVE-2026-43929

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

Playwright Capture 代码问题漏洞

Playwright Capture is an open-source web capture tool based on Playwright developed by Lookyloo. Versions of Playwright Capture prior to 1.39.6 contained code vulnerabilities. These vulnerabilities stemmed from insufficient restrictions on navigation and resource requests initiated by rendered...

CVE-2026-43929 ssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs

ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address e.g. http://::ffff:127.0.0.1/. The WHATWG URL parser bui...

CVE-2026-42339

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 CVE-2025-59146 and hardened in v0.9.6 CVE-2025-62155 does not block the unspecified address 0.0.0.0. A regular...

CVE-2026-42339 New API: SSRF Filter Bypass via 0.0.0.0

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 CVE-2025-59146 and hardened in v0.9.6 CVE-2025-62155 does not block the unspecified address 0.0.0.0. A regular...

CVE-2026-42344

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding TOCTOU — Time-of-Check to Time-of-Use. The function resolves the hostname via dns.resolve4/dns.resolve6 and check...