ATTACKERKB
added 2026/04/02 2:44 p.m., 4 views

CVE-2026-34728

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index method handles file deletion for the media browser. When the fileRemove action is triggered, the user-supplied name parameter is concatenated with the base upload directory path without any...

CVSS 8.7, AI score 5.7, EPSS 0.00693
Exploits: 1, References: 3, Affected software: 1
CVE
added 2026/04/02 2:44 p.m., 14 views

CVE-2026-34728

CVE-2026-34728 affects phpMyFAQ prior to 4.1.1. The vulnerability lies in MediaBrowserController::index() where fileRemove assembles the target path by concatenating user-supplied name with the upload directory, using FILTER_SANITIZE_SPECIAL_CHARS (which does not prevent directory traversal) and ...

CVSS 8.7, AI score 5.7, EPSS 0.00693
Exploits: 1, References: 2, Affected software: 1
CVE
added 2026/04/02 12:44 p.m., 19 views

CVE-2026-4634

Keycloak exposes a Denial of Service vulnerability (CVE-2026-4634) where an unauthenticated attacker can trigger excessive resource consumption by sending a specially crafted POST to the OpenID Connect token endpoint with an excessively long scope parameter, causing prolonged processing and servi...

CVSS 7.5, AI score 5.9, EPSS 0.00512
Exploits: 0, References: 7, Affected software: 1
EUVD
added 2026/04/02 9:30 a.m., 6 views

EUVD-2026-18134

The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 via the 'Tools::read' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations...

CVSS 6.4, AI score 5.9, EPSS 0.00201
Exploits: 0, References: 5
OSV
added 2026/04/02 9:30 a.m., 2 views

GHSA-PRMX-7V35-7Q82 a11y-mcp: Server-Side Request Forgery (SSRF) vulnerability in A11yServer function

A vulnerability was found in priyankark a11y-mcp up to 1.0.5. This vulnerability affects the function A11yServer of the file src/index.js. The manipulation results in server-side request forgery. The attack must be initiated from a local position. The exploit has been made public and could be use...

CVSS 5.3, AI score 5.6, EPSS 0.0013
Exploits: 0, References: 7
Snyk
added 2026/04/02 9:28 a.m., 4 views

Server-side Request Forgery (SSRF)

Overview: a11y-mcp is an MCP server for performing accessibility audits on webpages. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the A11yServer function in index.js. An attacker can cause the server to initiate unintended requests to arbitrary resources b...

CVSS 5.3, AI score 6, EPSS 0.0013
Exploits: 0, References: 2
SUSE CVE
added 2026/04/02 8:37 a.m., 6 views

SUSE CVE-2026-34441

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.40.0, cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file handler serves GET responses without consuming the request body. On HTTP/1.1 keep-alive connections, the unread...

CVSS 4.8, AI score 5.7, EPSS 0.00196
Exploits: 1, References: 3
NVD
added 2026/04/02 8:16 a.m., 8 views

CVE-2026-0686

The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in the 'MF2::parseauthorpage' function via the 'Receiver::post' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVSS 7.2, EPSS 0.00302
Exploits: 0, References: 5
Vulnrichment
added 2026/04/02 7:39 a.m., 3 views

CVE-2026-0686 Webmention <= 5.6.2 - Unauthenticated Blind Server-Side Request Forgery

The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in the 'MF2::parseauthorpage' function via the 'Receiver::post' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVSS 7.2, AI score 5.9, EPSS 0.00302
Exploits: 0, References: 5
NVD
added 2026/04/02 6:16 a.m., 4 views

CVE-2026-5322

A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. This affects the function Request of the file src/servers/database/server.js of the component MCP Handler. The manipulation leads to sql injection...

CVSS 7.5, EPSS 0.00259
Exploits: 0, References: 4
ATTACKERKB
added 2026/04/02 5:30 a.m., 2 views

CVE-2026-5322

A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. This affects the function Request of the file src/servers/database/server.js of the component MCP Handler. The manipulation leads to sql injection...

CVSS 7.5, AI score 6.7, EPSS 0.00259
Exploits: 0, References: 4
Vulnrichment
added 2026/04/02 5:30 a.m., 2 views

CVE-2026-5322 AlejandroArciniegas mcp-data-vis MCP server.js request sql injection

A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. This affects the function Request of the file src/servers/database/server.js of the component MCP Handler. The manipulation leads to sql injection...

CVSS 7.5, AI score 6.7, EPSS 0.00259
Exploits: 0, References: 4
CVE
added 2026/04/02 5:30 a.m., 15 views

CVE-2026-5322

Technical details about CVE-2026-5322 are not publicly provided in the supplied documents. No affected versions, root cause, or remediation is disclosed here. Monitor for updates and corroborating advisories.

CVSS 7.5, AI score 6.7, EPSS 0.00259
Exploits: 0, References: 4
RedhatCVE
added 2026/04/02 5:04 a.m., 4 views

CVE-2024-43028

A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers to execute arbitrary code via a crafted HTTP request...

CVSS 9.8, AI score 6.2, EPSS 0.01531
Exploits: 0, References: 1
CNNVD
added 2026/04/02 12:00 a.m., 8 views

Rack security vulnerability

Rack is a modular Ruby web server interface developed by Rack authors. Versions of Rack prior to 3.1.21 and 3.2.6 contained security vulnerabilities. These vulnerabilities stemmed from the use of the AUTHORITY regular expression for parsing Host headers in Rack::Request, allowing illegal characte...

CVSS 6.5, AI score 5.8, EPSS 0.00192
Exploits: 1, References: 1
Positive Technologies
added 2026/04/02 12:00 a.m., 5 views

PT-2026-29682

Name of the Vulnerable Software and Affected Versions: AlejandroArciniegas mcp-data-vis, affected versions not specified. Description: A SQL injection issue exists in the Request function within the src/servers/database/server.js file of the MCP Handler component. This manipulation can be initiated...

CVSS 7.5, AI score 7.2, EPSS 0.00259
Exploits: 0, References: 8
Positive Technologies
added 2026/04/02 12:00 a.m., 5 views

PT-2026-29852

Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the POST /public/v1/upload-from-url endpoint accepts a user-supplied URL and fetches it server-side using axios.get with no SSRF protections. The only validation is a file extension check (.png, .jpg, etc.), which is trivially...

CVSS 8.3, AI score 5.8, EPSS 0.00267
Exploits: 1, References: 3
Positive Technologies
added 2026/04/02 12:00 a.m., 2 views

PT-2026-29793

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.0.0 through 9.2.12 and 10.0.0 through 10.1.1. Description: Apache Traffic Server is susceptible to request smuggling when handling malformed chunked messages. This can potentially lead to various security issues...

CVSS 7.5, AI score 5.8, EPSS 0.00428
Exploits: 0, References: 13
CNNVD
added 2026/04/02 12:00 a.m., 6 views

WordPress plugin Webmention code issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVSS 7.2, AI score 6, EPSS 0.00302
Exploits: 0, References: 5
CNNVD
added 2026/04/02 12:00 a.m., 6 views

Microsoft Azure Databricks code issue vulnerability

Microsoft Azure Databricks is an open analysis platform provided by the American company Microsoft. There is a code vulnerability in Microsoft Azure Databricks, which stems from server-side request forgery. This vulnerability could allow unauthorized attackers to gain elevated privileges through...

CVSS 10, AI score 5.9, EPSS 0.00705
Exploits: 0, References: 1