CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

316 matches found

GithubExploit•added 16 hours ago•24 views

PHANTOM_CTF_HACKINGCLUB_BY_BSIDESRECIFE

Phantom — CTF Writeup & Exploit HackingClub / BSides Recife...

5.5AI score

Exploits0

RedhatCVE•added 2 days ago•10 views

CVE-2026-11346

A Server-Side Request Forgery SSRF vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

5.3CVSS5.6AI score0.00038EPSS

Exploits0References1

NVD•added 3 days ago•6 views

CVE-2026-46393

HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enablin...

7.1CVSS0.00038EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-20035

A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by...

7.2CVSS5.7AI score0.00026EPSS

Exploits0References1

Positive Technologies•added 3 days ago•9 views

PT-2026-46932

5.3CVSS5.6AI score0.00038EPSS

Exploits0References2

Tenable Nessus•added 4 days ago•6 views

JetBrains TeamCity < 2025.11.5 Multiple Vulnerabilities

The version of JetBrains TeamCity installed on the remote host is prior to 2025.11.5. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2026.1, 2025.11.5 authenticated users could expose server API to unauthorised access CVE-2026-44413 - In JetBrains TeamCity...

8.2CVSS5.6AI score0.00125EPSS

Exploits0References4

Cvelist•added 6 days ago•25 views

CVE-2026-49120 Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5CVSS0.00028EPSS

Exploits0References4

Packet Storm•added 2026/06/01 12:0 a.m.•38 views

📄 dmonitor 1.0.3 Server-Side Request Forgery / Redis Enumeration

Proof of concept demonstration exploit for dmonitor version 1.0.3 that leverages an unauthenticated server-side request forgery vulnerability to demonstrate redis access and data enumeration...

5.8AI score

Exploits0

Vulnrichment•added 2026/05/29 7:59 a.m.•9 views

CVE-2026-10052 Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints

A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...

4.1CVSS5.8AI score0.0003EPSS

Exploits0References2

Debian CVE•added 2026/05/28 7:10 p.m.•7 views

CVE-2026-49129

Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...

6.9CVSS5.8AI score0.00059EPSS

Exploits0

ATTACKERKB•added 2026/05/27 5:9 p.m.•6 views

CVE-2026-45717

Budibase is an open-source low-code platform. Prior to 3.38.1, Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET...

8.8CVSS6AI score0.00036EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/27 4:52 p.m.•6 views

CVE-2026-48153 Budibase: SSRF via OAuth2 token endpoint URL reaches internal hosts and cloud metadata

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codebase uses. The Joi schema for the OAuth2 URL has no...

8.5CVSS5.8AI score0.00032EPSS

Exploits0References1

SUSE CVE•added 2026/05/27 3:5 a.m.•6 views

SUSE CVE-2025-27152

axios is a promise based HTTP client for the browser and node.js. The issue occurs when passing absolute URLs rather than protocol-relative URLs to axios. Even if ⁠baseURL is set, axios sends the request to the specified absolute URL, potentially causing SSRF and credential leakage. This issue...

7.5CVSS6.3AI score0.00212EPSS

Exploits1References6

Cvelist•added 2026/05/27 12:2 a.m.•30 views

CVE-2026-9312 Server-Side Request Forgery vulnerability in GitHub Enterprise Server allowed access to internal services via path traversal in upload endpoint

A server-side request forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request...

9.2CVSS0.00053EPSS

Exploits0References6

CNNVD•added 2026/05/27 12:0 a.m.•5 views

Budibase 代码问题漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained code-related vulnerabilities. These vulnerabilities stemmed from the OAuth2 tok...

7.7CVSS5.8AI score0.00032EPSS

Exploits0References2

Positive Technologies•added 2026/05/25 12:0 a.m.•5 views

PT-2026-43106

Name of the Vulnerable Software and Affected Versions Roundcube Webmail versions 1.6.14 through 1.6.16 Roundcube Webmail versions prior to 1.7.1 Description Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to Server-Side Request Forgery SSRF, where an attacker...

7.2CVSS5.8AI score0.0004EPSS

Exploits0References16

OSV•added 2026/05/21 8:20 p.m.•2 views

GHSA-C5FP-P67M-GQ56 Snappy : SSRF and local file read via the xsl-style-sheet option

Impact It impacts applications where: - the PHP daemon run with root permissions ; - the application is either running outside a container or has sensitive file access ; It could happens with this kind of workflows: php $stylesheet = $GET'stylesheet'; // = ‘file:///etc/passwd’ $pdf = new...

6.9CVSS5.8AI score

Exploits0References2

CNNVD•added 2026/05/20 12:0 a.m.•6 views

WordPress plugin Nexa Blocks 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

5.4CVSS5.9AI score0.001EPSS

Exploits0References1

ATTACKERKB•added 2026/05/19 9:33 a.m.•4 views

CVE-2026-31910

Server-Side Request Forgery SSRF vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.8AI score0.00101EPSS

Exploits0References2

CVE•added 2026/05/15 6:36 p.m.•11 views

CVE-2021-47958

CVE-2021-47958 affects CouchCMS 2.2.1 and is a server-side request forgery via SVG upload. An authenticated attacker can upload SVG files containing external entity references through the browse.php endpoint to trigger arbitrary HTTP requests from the server, enabling access to internal services ...

5.3CVSS5.9AI score0.00028EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by