Lucene search
K

356 matches found

NVD
NVD
added 2026/04/24 9:16 p.m.14 views

CVE-2026-41481

LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.splittextfromurl validated the initial URL using validatesafeurl but then performed the fetch with requests.get with redirects enabled the default. Because...

6.5CVSS0.0026EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 8:57 p.m.6 views

EUVD-2026-25635

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...

3.1CVSS5.2AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/24 8:57 p.m.35 views

CVE-2026-41488 angchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS...

3.1CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/04/23 3:37 p.m.5 views

CVE-2026-41461

SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated remote attackers...

8.5CVSS0.00302EPSS
Exploits1References4
OSV
OSV
added 2026/04/22 9:16 p.m.4 views

CVE-2026-41171 SSRF via Jint Scripting Engine HTTP Functions Due to Missing SSRF Protection on "Jint" HttpClient

Squidex is an open source headless content management system and content management hub. Versions prior to 7.23.0 have a Server-Side Request Forgery SSRF vulnerability due to missing SSRF protection on the Jint HTTP client used by scripting engine functions getJSON, request, etc.. An authenticate...

8.6CVSS6.1AI score0.00215EPSS
Exploits0References4
CVE
CVE
added 2026/04/22 8:33 p.m.19 views

CVE-2026-40882

OpenRemote’s Velbus asset import vulnerability (CVE-2026-40882) is an XXE in the import path prior to version 1.22.0. An authenticated user with import access can trigger XML external entity processing when posting Velbus project XML, potentially causing server-side file disclosure (target file

7.6CVSS5.7AI score0.00249EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/04/21 11:36 p.m.3 views

CVE-2026-41130 Craft CMS has a host header injection leading to SSRF via resource-js endpoint

Craft CMS is a content management system CMS. In versions on the 4.x branch through 4.17.8 and the 5.x branch through 5.9.14, the resource-js endpoint in Craft CMS allows unauthenticated requests to proxy remote JavaScript resources. When trustedHosts is not explicitly restricted default...

7CVSS6.1AI score0.0026EPSS
Exploits0References4
NVD
NVD
added 2026/04/21 11:16 p.m.21 views

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

7.7CVSS0.003EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.14 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgeing mechanism in the market plugin download function, which could allow attackers to...

7.6CVSS5.9AI score0.00236EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/17 9:47 p.m.10 views

OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation

Summary Browser snapshot and screenshot routes could expose internal page content after navigation. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.14 Impact Authenticated browser tool callers could use snapshot, screenshot, or tab routes that did n...

7.7CVSS5.7AI score0.00266EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/17 3:30 p.m.4 views

CVE-2026-6497

A vulnerability was determined in prasathmani TinyFileManager up to 2.6. Affected by this vulnerability is an unknown functionality of the file /filemanager.php?p= ajax=true&type=upload of the component File Upload Handler. This manipulation of the argument uploadurl causes server-side request...

6.5CVSS5.3AI score0.00267EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/17 12:0 a.m.10 views

CVE-2026-31317

Craftql v1.3.7 and before is vulnerable to Server-Side Request Forgery SSRF which allows an attacker to execute arbitrary code via the vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php file...

6.1AI score0.00463EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/16 10:53 p.m.11 views

LangChain Text Splitters: HTMLHeaderTextSplitter.split_text_from_url SSRF Redirect Bypass

Summary HTMLHeaderTextSplitter.splittextfromurl validated the initial URL using validatesafeurl but then performed the fetch with requests.get with redirects enabled the default. Because redirect targets were not revalidated, a URL pointing to an attacker-controlled server could redirect to...

6.5CVSS5.7AI score0.0026EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

Jellyfin 代码问题漏洞

Jellyfin is a free software media system developed by Jellyfin. It allows you to control the management and streaming of media. It’s an alternative to proprietary products like Emby and Plex, enabling the delivery of media from dedicated servers to end-user devices through multiple applications...

8.6CVSS5.9AI score0.00312EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/13 8:32 p.m.21 views

CVE-2026-33659 EspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network Access

EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Attachment/fromImageUrl endpoint is vulnerable to Server-Side Request Forgery SSRF via a DNS rebinding TOCTOU condition. Host validation uses dnsgetrecord but the actual HTTP...

3.5CVSS0.00333EPSS
Exploits1References3
NVD
NVD
added 2026/04/13 7:16 a.m.10 views

CVE-2026-5936

An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...

9.8CVSS0.00195EPSS
Exploits0References1
Zero Science Lab
Zero Science Lab
added 2026/04/12 12:0 a.m.57 views

Pachno 1.0.6 Wiki TextParser XXE Vulnerability

Summary Pachno is an open-source collaboration platform formerly known as The Bug Genie designed for team project management, issue tracking, and documentation. It offers a module-based, customizable environment for software development and team workflows, distributed under the Mozilla Public...

9.8CVSS6AI score0.00373EPSS
Exploits1
CVE
CVE
added 2026/04/10 4:59 p.m.28 views

CVE-2026-40160

Prais onAIAgents’ web_crawl has an SSRF in the httpx fallback prior to version 1.5.128. The fallback passes user-supplied URLs directly to httpx.AsyncClient.get() with follow_redirects=True and no host validation, enabling an LLM agent to crawl internal endpoints (including 169.254.169.254), inte...

7.1CVSS5.8AI score0.00281EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/04/09 9:27 p.m.12 views

CVE-2026-35629

CVE-2026-35629 affects OpenClaw before version 2026.3.25. The issue is SSRF via unguarded configured base URLs in multiple channel extensions, where unprotected fetch() calls can rebinding requests to blocked internal destinations and access restricted resources. Impact per sources is limited to ...

7.4CVSS5.9AI score0.00244EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:18 p.m.2 views

CVE-2026-40114

PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhookurl in the request body with no URL validation. When a submitted job completes success or failure, the server makes an HTTP POST request to this URL using httpx.AsyncClient. An...

7.2CVSS6.1AI score0.0028EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder