CVE-2026-57348 WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability
Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions...
CVE-2026-54430
liboauth2 is affected by a Server-Side Request Forgery in the oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier reads signer and kid from the unverified JWT header; if the signer matches the configured ARN, the kid is appended to alb_base_url without URL encoding or path sanitizat...
VMware vSphere - Server-Side Request Forgery
VMware vSphere HTML5 is susceptible to server-side request forgery due to improper validation of URLs in a vCenter Server plugin. An attacker with network access to port 443 can exploit this issue by sending a POST request to the plugin. This affects VMware vCenter Server 7.x before 7.0 U1c, 6.7...
Apache HTTPd Windows UNC - Server-Side Request Forgery
SSRF in Apache HTTP Server on Windows can potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content. Users are recommended to upgrade to version 2.4.60, which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...
XStream <1.4.15 - Server-Side Request Forgery
XStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data from internal resources that are not publicly available by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorize...
Adminer <4.7.9 - Server-Side Request Forgery
Adminer before 4.7.9 is susceptible to server-side request forgery due to exposure of sensitive information in error messages. Users of Adminer versions bundling all drivers, e.g. adminer.php, are affected. An attacker can possibly obtain this information, modify data, and/or execute unauthorized...
DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution
DedeCMS 5.7SP2 is susceptible to cross-site request forgery with a corresponding impact of arbitrary code execution because the partcode parameter in a tagtestaction.php request can specify a runphp field in conjunction with PHP code. (CVE-2018-7700)
SAP NetWeaver Development Infrastructure - Server Side Request Forgery
A Server-Side Request Forgery (SSRF) vulnerability has been detected in the SAP NetWeaver Development Infrastructure Component Build Service versions 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50. The SAP NetWeaver Development Infrastructure Component Build Service allows a threat actor who has access to the...
WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery
WordPress Fusion Builder plugin before 3.6.2 is susceptible to server-side request forgery. The plugin does not validate a parameter in its forms, which can be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. An attacker can...
CVE-2026-55791
Craft CMS is a content management system (CMS). Versions 4.0.0-RC1 and above prior to 4.18.0, and 5.0.0-RC1 and above prior to 5.10.0, are vulnerable to Server-Side Request Forgery (SSRF) and Arbitrary JavaScript Injection through the /actions/app/resource-js endpoint. By exploiting the default...
PT-2026-55319
Vulnerable software and affected versions: Azure OpenAI (affected versions not specified). Description: A server-side request forgery (SSRF) issue exists in Azure OpenAI. This flaw allows an authorized attacker to elevate privileges over a network. SSRF is a vulnerability where an attacker c...
PT-2026-55321
Vulnerable software and affected versions: Microsoft Entra Provisioning Service SyncFabric (affected versions not specified). Description: Server-side request forgery (SSRF) in the Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a...
EUVD-2026-41097
Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Path Traversal. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.12...
WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.12 - CSRF to Arbitrary File Deletion vulnerability
CSRF to Arbitrary File Deletion vulnerability discovered by VDsec in WordPress Plugin VikBooking Hotel Booking Engine & PMS versions <= 1.8.12...
Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery
Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request forgery via GitHubTokenCredentialsCreator.java, which allows attackers to leverage attacker-specified credentials IDs obtained through another method and capture the credentials stored in Jenkins. (CVE-2018-1000600)
CVE-2026-56264
CVE-2026-56264 affects Crawl4AI prior to 0.8.7. The Docker API server’s /execute_js endpoint accepts and executes arbitrary JavaScript in the server’s browser context with --disable-web-security enabled, enabling an attacker to run arbitrary JS and, given relaxed browser security, perform server-...
CVE-2025-36324
CVE-2025-36324 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue is a server-side request forgery (SSRF) that could allow an authenticated attacker to make unauthorized requests from the system, potentially enabling network enumeration or facilitating other ...
CVE-2026-10129
CVE-2026-10129 affects IBM Langflow OSS 1.0.0–1.9.3. An SSRF protection bypass exists in the API Request component: as a low-privilege flow author, an attacker can enable follow_redirects and supply a public URL that redirects to internal/localhost addresses. The app validates only the initial U...
EUVD-2026-40400
IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery (SSRF). The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...