Lucene search
+L

1975 matches found

ptsecurity
ptsecurity
added 2026/06/13 12:0 a.m.21 views

PT-2026-49089

Name of the Vulnerable Software and Affected Versions Model Context Protocol versions prior to 0.25.0 Description Servers fail to validate the "Origin" header on incoming connections, which may allow DNS rebinding attacks. DNS rebinding is a method of bypassing the Same-Origin Policy to interact...

9.4CVSS5.3AI score0.00153EPSS
Exploits0References8
nessus
nessus
added 2026/06/13 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-15104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nu Html Checker validator.nu contains a restriction bypass that allows remote attackers to make the server perform arbitrary HTTP/HTTPS requests to internal...

6.9CVSS5.7AI score0.00425EPSS
Exploits1References2
nvd
nvd
added 2026/06/11 8:16 p.m.18 views

CVE-2026-53782

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS0.00265EPSS
Exploits0References4
euvd
euvd
added 2026/06/11 7:17 p.m.12 views

EUVD-2026-36308

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS5.5AI score0.00265EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/11 7:17 p.m.30 views

CVE-2026-53782 Summarize < 0.17.0 SSRF via podcast:transcript URL fetch

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS0.00265EPSS
Exploits0References4
cve
cve
added 2026/06/11 7:17 p.m.25 views

CVE-2026-53782

CVE-2026-53782 affects Summarize

7.4CVSS5.5AI score0.00265EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/11 7:17 p.m.10 views

CVE-2026-53782 Summarize < 0.17.0 SSRF via podcast:transcript URL fetch

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS5.3AI score0.00265EPSS
Exploits0References4
osv
osv
added 2026/06/11 7:17 p.m.5 views

CVE-2026-53782 Summarize < 0.17.0 SSRF via podcast:transcript URL fetch

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

6.3CVSS6AI score0.00265EPSS
Exploits0References7
cvelist
cvelist
added 2026/06/11 2:47 p.m.32 views

CVE-2026-3341 IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services

IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS0.00138EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/11 2:47 p.m.12 views

CVE-2026-3341 IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services

IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1
cve
cve
added 2026/06/11 2:47 p.m.37 views

CVE-2026-3341

CVE-2026-3341 affects IBM Langflow Desktop 1.0.0–1.9.2. The root cause is a TOCTOU DNS rebinding flaw in SSRF protection: validate_url_for_ssrf() uses socket.getaddrinfo(), while httpx.AsyncClient() conducts a separate DNS lookup during connection, allowing an attacker-controlled DNS domain with ...

5.4CVSS5.5AI score0.00138EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/06/11 12:0 a.m.17 views

PT-2026-48732

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

7.4CVSS5.5AI score0.00265EPSS
Exploits0References5
ibm
ibm
added 2026/06/08 6:37 p.m.14 views

Security Bulletin: IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services

Summary A Time-of-Check to Time-of-Use TOCTOU vulnerability in IBM Langflow Desktop's SSRF protection allows authenticated attackers to bypass internal network access restrictions using DNS rebinding attacks. The validateurlforssrf function validates URLs using socket.getaddrinfo, but...

5.4CVSS5.6AI score0.00138EPSS
Exploits0Affected Software1
ibm
ibm
added 2026/06/08 1:55 p.m.8 views

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to Insecure Default Initialization of Resource CVE-2025-66414

Summary MCP TypeScript SDK is used by the IBM Datapower Operations Dashboard to implement the Model Context Protocol MCP using Node.js Vulnerability Details CVEID:CVE-2025-66414 DESCRIPTION: MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. Prior to...

8.7CVSS5.5AI score0.00463EPSS
Exploits1Affected Software1
githubexploit
githubexploit
added 2026/06/07 9:4 a.m.115 views

glitchtip-dns-rebinding-gap-poc

GlitchTip DNS rebinding gap PoC This PoC models the DNS rebin...

5.5AI score
Exploits0
redhatcve
redhatcve
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36604

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 does not validate the HTTP Host header, enabling DNS rebinding attacks. An external attacker can rebind a domain to the router's internal IP address, extending the CORS wildcard vulnerability Access-Control-Allow-Origin: to...

6.5CVSS5.5AI score0.00254EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:46 p.m.9 views

CVE-2026-33659

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery SSRF via a DNS rebinding TOCTOU condition. Host validation uses dnsgetrecord but the actual HTTP...

3.5CVSS6.2AI score0.00333EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/06/05 7:34 p.m.12 views

CVE-2026-1089

User‑Controlled HTTP Header in Fortra's GoAnywhere MFT prior to version 7.10.0 allows attackers to trigger a DNS lookup, as well as DNS Rebinding and Information Disclosure...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:33 p.m.10 views

CVE-2026-45619

WWBN AVideo is an open source video platform. In 29.0 and earlier, EpgParser.php, plugin/AI/receiveAsync.json.php, and other locations do not use the $resolvedIP out-param of isSSRFSafeURL for DNS pinning via CURLOPTRESOLVE, opening DNS-rebinding TOCTOU...

6.5CVSS5.4AI score0.00136EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:30 p.m.15 views

CVE-2026-42194

Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetchmetadata.php validates the resolved IP address but passes the original hostname-based URL to curlinit, leaving a DNS rebinding TOCTOU window that allows redirecting requests to...

6.8CVSS5.3AI score0.00236EPSS
Exploits1References1
Rows per page
Query Builder