Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check

Summary The Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoints, while usin...

CVE-2026-44489

Axios is a promise based HTTP client for the browser and Node.js. From 1.15.2 to before 1.16.0, nested objects created by utils.merge e.g., config.proxy are still constructed as plain with Object.prototype in their chain. The setProxy function at lib/adapters/http.js:209-223 reads proxy.username,...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass the same-origin policy and proxy settings through a crafted HTML page. Chromium security severity: Low...

PYSEC-2026-127

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains...

CVE-2026-42313

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains...

CVE-2026-42313

Summary of CVE-2026-42313 / pyload-ng: A non-admin user with SETTINGS permission can enable a proxy and point pyload at any attacker-controlled host, causing all outbound traffic (downloads, captcha fetch, update checks, plugin HTTP calls) to be routed through that attacker. The vulnerability ste...

GHSA-PG67-9WJV-MR85 pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy via unrestricted `proxy.*` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)

Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains "proxy", "username" and "proxy", "password" — which protect the proxy credentials — but i...

Server-side Request Forgery (SSRF)

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the setconfigvalue function. An attacker can intercept all outbound HTTP traffic, steal credentials, and inject...

CVE-2026-4821

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it was published in error...

CVE-2026-4821

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Management Console administrator to execute arbitrary OS commands via shell metacharacter injection in proxy configuration fields such as httpproxy. Exploitation o...

CVE-2026-3635 Fastify request.protocol and request.host spoofable via X-Forwarded-Proto/Host from untrusted connections when trustProxy uses restrictive trust function

Summary When trustProxy is configured with a restrictive trust function e.g., a specific IP like trustProxy: '10.0.0.1', a subnet, a hop count, or a custom function, the request.protocol and request.host getters read X-Forwarded-Proto and X-Forwarded-Host headers from any connection — including...

CVE-2020-36949

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

CVE-2020-36949

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

EUVD-2020-30864

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

CVE-2020-36949 TapinRadio 2.13.7 - Denial of Service

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

CVE-2020-36949

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

CVE-2020-36949

CVE-2020-36949 affects TapinRadio 2.13.7. A denial-of-service vulnerability exists in the application proxy settings: processing oversized input in username and address fields (reported with a 20,000-character buffer) can cause the program to become unresponsive and require reinstallation. The av...

PT-2026-4928

TapinRadio 2.13.7 contains a denial of service vulnerability in the application proxy settings that allows attackers to crash the program by overflowing input fields. Attackers can paste a large buffer of 20,000 characters into the username and address fields to cause the application to become...

Raimersoft TapinRadio security vulnerability

Raimersoft TapinRadio is a web radio software developed by Raimersoft Corporation. The version 2.13.7 of Raimersoft TapinRadio contains a security vulnerability. This vulnerability stems from a buffer overflow in the application’s proxy settings, which could lead to program crashes...

CVE-2023-29084

Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings...