121481 matches found
CVE-2026-7177
Affected product: ChatGPTNextWeb NextChat up to 2.16.1. Vulnerable component: function proxyHandler in app/api/[provider]/[...path]/route.ts. Root cause: manipulation leads to server-side request forgery (SSRF). Impact: potential remote exploitation with low to moderate impact on confidentiality/...
EUVD-2026-25928
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/provider/...path/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been...
GHSA-H7XC-4MV8-59FJ mcp-url-downloader has a Server-Side Request Forgery issue
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...
mcp-url-downloader has a Server-Side Request Forgery issue
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...
Server-side Request Forgery (SSRF)
Overview auto-favicon is an A Model Context Protocol server providing tools for automatic favicon generation from PNG images or URLs Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the generatefaviconfromurl function. An attacker can cause the server to ma...
CVE-2026-7158
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...
CVE-2026-7158 dmitryglhf mcp-url-downloader server.py _validate_url_safe server-side request forgery
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...
CVE-2026-7158
The CVE-2026-7158 entry concerns the dmitryglhf mcp-url-downloader project. The vulnerability affects the function _validate_url_safe in src/mcp_url_downloader/server.py and is triggered by manipulating the url argument, resulting in server-side request forgery (SSRF). The issue is exploitable re...
CVE-2026-6979
A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and m...
CVE-2026-41414
Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and executes it via cargo run, with access to SKIMRSBOTPRIVATEKEY and GITHUBTOKEN contents:write. No gates prevent exploitation - any...
CVE-2026-7147
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...
CVE-2026-7150
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generatefaviconfromurl of the file src/autofavicon/server.py of the component MCP Tool. The manipulation of the argument imageurl results in server-side request forgery...
EUVD-2026-25912
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generatefaviconfromurl of the file src/autofavicon/server.py of the component MCP Tool. The manipulation of the argument imageurl results in server-side request forgery...
CVE-2026-7147 JoeCastrom mcp-chat-studio LLM Models API llm.js server-side request forgery
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.baseurl results in server-side request forgery. Remote...
CVE-2026-7146 AlejandroArciniegas mcp-data-vis HTTP Request server.js axios server-side request forgery
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to...
CVE-2026-7146 AlejandroArciniegas mcp-data-vis HTTP Request server.js axios server-side request forgery
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to...
EUVD-2026-25905
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to...
CVE-2026-30350
An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...
cpython: Header injection via newlines in data URL mediatype in Python
Missing newline filtering has been discovered in Python. User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype...
USN-8208-1 haproxy vulnerability
Martino Spagnuolo discovered that HAProxy did not check received body lengths in the HTTP/3 parser. A remote attacker could possibly use this issue to perform a request smuggling attack and obtain sensitive information...