Lucene search
K

695 matches found

Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54712

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron Bridge for Linux affected versions not specified Description An issue exists that allows an attacker to perform server-side request forgery SSRF, a technique where the attacker induces the server-side application to make reques...

7.8CVSS6AI score0.00148EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.28 views

CVE-2026-56264 Crawl4AI - Arbitrary JavaScript Execution via /execute_js Endpoint

Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /executejs endpoint, which accepts and executes arbitrary user-supplied JavaScript in the server's browser context with --disable-web-security enabled. An attacker can execute arbitrary...

9.2CVSS0.00334EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:8 p.m.4 views

CVE-2026-56264 Crawl4AI - Arbitrary JavaScript Execution via /execute_js Endpoint

Crawl4AI before 0.8.7 contains an arbitrary JavaScript execution vulnerability in the Docker API server's /executejs endpoint, which accepts and executes arbitrary user-supplied JavaScript in the server's browser context with --disable-web-security enabled. An attacker can execute arbitrary...

9.2CVSS6.3AI score0.00421EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 7:51 p.m.12 views

CVE-2026-11546

IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forgery (SSRF) vulnerability when the adminCenter-1.0 feature is enabled (CVE-2026-11546). Affected product versions and the root cause are described in IBM’s advisory: the vulnerability can im...

9.8CVSS5.8AI score0.00222EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/29 5:22 p.m.23 views

CVE-2026-57955

SigNoz versions up to 0.130.1 are affected by a SQL injection in the alert-history endpoints. The issue arises from unsanitized rule ID interpolation into ClickHouse queries, allowing authenticated attackers to inject URL-encoded quotes via the rule ID path parameter. The consequence is potential...

8.5CVSS6.1AI score0.00235EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/29 4:12 p.m.7 views

EUVD-2026-40147

Improper handling of untrusted remote references in Snowflake CLI versions prior to 3.19 allowed server-side request forgery. The SQL statement reader's !source/!load directives could reference remote URLs that were retrieved at runtime without sufficient restriction on the request destination. B...

4.1CVSS5.9AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 10:11 p.m.9 views

EUVD-2026-38054

PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References5
CVE
CVE
added 2026/06/26 7:26 a.m.16 views

CVE-2026-2053

The CVE-2026-2053 entry concerns the WSO2 API Manager: the message flow component mishandles WS-Addressing headers by not adequately validating user-controlled input, allowing an attacker to manipulate headers to set arbitrary destinations for server-initiated requests. This results in unauthenti...

10CVSS5.9AI score0.00222EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/25 9:16 p.m.25 views

CVE-2026-12992 Apicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validation

A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import...

7.4CVSS0.00187EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/25 2:30 p.m.5 views

EUVD-2026-39421

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema see CVE-2020-26247, was not correctly enforced on the JRuby implementation. As a result, a schema parsed with...

4.3CVSS6.6AI score0.01109EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 9:38 p.m.4 views

CVE-2026-49979 Appsmith: SSRF via `POST /api/v1/admin/send-test-email` — JavaMail Bypasses WebClient IP Filter

Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses...

5.1CVSS6AI score0.00341EPSS
Exploits3References3
OSV
OSV
added 2026/06/24 6:8 p.m.2 views

CVE-2026-53946 Ghost: Mobiledoc image-size fetch SSRF

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, when re-rendering posts, Ghost would refetch missing image dimensions by issuing an outbound HTTP request to the URL stored on an image card — without restricting that URL to trusted image hosts. An authenticated staff user...

5.4CVSS5.9AI score0.00122EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.33 views

CVE-2026-57303

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 1:20 p.m.7 views

EUVD-2026-38784

Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks, allowing attackers able to control the responses of the configured Assembla server to extract secrets from the Jenkins controller or perform server-side request forgery...

7.1CVSS5.9AI score0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:41 p.m.26 views

CVE-2026-46548

NocoDB (CVE-2026-46548 ) exhibits an SSRF protection bypass in the notification webhook plugins for Slack, Discord, Mattermost, and Teams. Root cause: in the affected code paths, the httpAgent/httpsAgent were incorrectly placed in the request body of axios.post instead of the config argument, all...

4.3CVSS6AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 7:42 p.m.27 views

CVE-2026-53930 NocoDB: Server-Side Request Forgery via Base Migration URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the base-migration endpoint accepted a caller-supplied URL that the migration worker dereferenced without enforcing protocol or destination, allowing scheme abuse file:, ftp:, etc. and probing of internal HTTP...

5.1CVSS0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 8:0 p.m.21 views

CVE-2026-55599 phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS0.00133EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/22 2:46 p.m.8 views

EUVD-2026-38252

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery SSRF with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure...

7.4CVSS5.8AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2026/06/21 10:30 p.m.12 views

CVE-2026-12813

Affected software: activepieces (

6.5CVSS6.2AI score0.00201EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/20 3:21 p.m.3 views

CVE-2024-58351

Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig option, supported in both the frontend web integration and the backend Prediction API. Because this feature is enabled by default with no allow-list of permitted variables and relie...

9.8CVSS6.5AI score0.00648EPSS
Exploits0References3
Rows per page
Query Builder