Lucene search
K

121698 matches found

NVD
NVD
added 2026/04/20 9:16 p.m.26 views

CVE-2026-33626

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS0.4525EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/04/20 8:29 p.m.56 views

CVE-2026-33626 LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS0.4525EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 8:24 p.m.3 views

CVE-2026-33431

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...

7.1CVSS5.9AI score0.00392EPSS
Exploits1References3Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/20 7:56 p.m.5 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS7.3AI score0.01945EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.7 views

CVE-2026-31317

Craftql v1.3.7 and before is vulnerable to Server-Side Request Forgery SSRF which allows an attacker to execute arbitrary code via the vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php file...

7.5CVSS6.1AI score0.00463EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/20 7:23 p.m.7 views

CVE-2026-32135 NanoMQ has Heap Buffer Overflow in URI Parameter Parsing

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uriparamparse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

8.7CVSS6AI score0.00502EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/20 7:23 p.m.4 views

CVE-2026-40346

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.37, NocoBase's workflow HTTP request plugin and custom request action plugin make server-side HTTP requests to user-provided URLs without any SSRF protection. An...

6.5CVSS5.8AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.6 views

CVE-2026-40581

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint SelectDelete.php performs permanent, irreversible deletion of family records and all associated data via a plain GET request with no CSRF token validation. An attacker can craft a...

8.1CVSS5.7AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.3 views

CVE-2026-40348

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS5.9AI score0.00379EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/20 4:4 p.m.31 views

CVE-2026-25883 Vexa Webhook Feature has a SSRF Vulnerability

Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa webhook feature allows authenticated users to configure an arbitrary URL that receives HTTP POST requests when meetings complete. The application performs no validation on th...

5.8CVSS0.00203EPSS
Exploits0References1
CVE
CVE
added 2026/04/20 4:4 p.m.20 views

CVE-2026-25883

Vexa SSRF via webhook URL validation flaw : The webhook feature allows authenticated users to configure any HTTP POST URL when meetings complete, with no validation of the target. This enables Server-Side Request Forgery to internal services (e.g., Redis/databases/admin panels), cloud metadata en...

5.8CVSS5.9AI score0.00203EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/04/20 3:31 p.m.7 views

EUVD-2026-23862

An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...

5.7CVSS5.8AI score0.00121EPSS
Exploits0References2
NVD
NVD
added 2026/04/20 2:16 p.m.7 views

CVE-2026-33558

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

5.3CVSS0.00535EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 1:55 p.m.9 views

CVE-2026-34428

Vvveb prior to 1.0.8.1 is affected by an SSRF in the oEmbedProxy action of the editor/editor module. The url parameter is passed directly to getUrl() via curl without scheme or destination validation, allowing authenticated backend users to supply file:// URLs to read arbitrary files readable by ...

8.3CVSS5.9AI score0.00256EPSS
Exploits0References3
CVE
CVE
added 2026/04/20 1:38 p.m.13 views

CVE-2026-6369

The CVE-2026-6369 entry concerns the canonical-livepatch snap client, affected before version 10.15.0. A local unprivileged user can exploit an improper access control by sending an unauthenticated request to the livepatchd.sock Unix domain socket to obtain a sensitive, root-level authentication ...

5.7CVSS5.8AI score0.00121EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/20 1:30 p.m.2 views

CVE-2026-6649 Qibo CMS headers server-side request forgery

A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/20 1:20 p.m.29 views

CVE-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...

0.00535EPSS
Exploits0References2
CVE
CVE
added 2026/04/20 1:20 p.m.81 views

CVE-2026-33558

CVE-2026-33558 affects Apache Kafka: the NetworkClient logs sensitive information at DEBUG level, exposing full requests/responses for certain APIs (AlterConfigsRequest, AlterUserScramCredentialsRequest, ExpireDelegationTokenRequest, IncrementalAlterConfigsRequest, RenewDelegationTokenRequest, Sa...

5.3CVSS5.7AI score0.00535EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/04/20 9:30 a.m.4 views

EUVD-2026-23805

A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function getapitoolproviderremoteschema of the file api/services/tools/apitoolsmanageservice.py of the component ApiToolManageService. Performing a manipulation of the argument url results in server-side...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/20 9:30 a.m.4 views

CVE-2026-6625

A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogupicture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the component Picture...

7.5CVSS6.5AI score0.003EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder