90 matches found
Dify v1.6.0 - Server-Side Request Forgery
Dify v1.6.0 contains a server side request forgery caused by improper validation in controllers.console.remotefiles.RemoteFileUploadApi, letting attackers make arbitrary requests from the server, exploit requires network access. id: CVE-2025-56520 info: name: Dify v1.6.0 - Server-Side Request...
CVE-2026-15143 Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
A flaw was found in the filetype content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition XSD string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file...
EUVD-2026-42927
A flaw was found in the filetype content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition XSD string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file...
CVE-2026-15143
A flaw was found in the filetype content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition XSD string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file...
EUVD-2026-41997
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp apiurl field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a...
GHSA-JHHC-3HCP-QHM5 WeasyPrint has CSS Injection via Presentational Hints
Summary A CSS injection issue exists in WeasyPrint when HTML presentational hints are enabled. Unescaped attribute values are embedded into CSS, allowing injection of arbitrary CSS declarations. This affects applications processing untrusted HTML input. Details File: weasyprint/css/init.py The...
JetBrains TeamCity 代码问题漏洞
JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1 an...
SUSE CVE-2003-0098
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server...
CVE-2026-0502
The CVE-2026-0502 entry concerns SAP BusinessObjects Business Intelligence Platform with a CSRF protection flaw. An authenticated user can be tricked into sending unintended requests to the web server, leading to low impact on integrity and availability and no confidentiality impact. Public detai...
CVE-2026-42188 Geyser: Server-Side Request Forgery (SSRF) via Player Head Texture URL
Geyser is a bridge between Minecraft: Bedrock Edition and Minecraft: Java Edition. Prior to 2.9.3, a server-side request forgery SSRF vulnerability exists in Geyser’s handling of Bedrock player head texture data. By supplying a crafted Base64-encoded skin texture URL via the /give command, an...
CVE-2026-41887
The CVE-2026-41887 entry affects Flarum core prior to versions 1.8.16 and 2.0.0-rc.1, where values assigned to LESS-configurable settings (e.g., theme_primary_color/theme_secondary_color) are interpolated into LESS at compile time. An authenticated administrator can inject an arbitrary @import, e...
CVE-2026-41689 Wallos: Shared local webhook allowlist lets low-privilege users send arbitrary requests to allowlisted internal services
Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the webhook notification feature reuses an administrator-configured local-target allowlist for every logged-in user. Any normal user can fully control a webhook URL, headers, and body, then use...
CVE-2026-31955
CVE-2026-31955 affects Xibo CMS prior to 4.4.1. An authenticated SSRF vulnerability in the remote DataSet functionality allows users with DataSet permissions (and the privilege to add DataSets to Layouts) to cause the CMS server to issue arbitrary HTTP requests to internal or external resources. ...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection in the startAssetImport process. An attacker can access sensitive files on the server or initiate server-side requests by uploading specially crafted XML files containing external entity references. Thi...
Chamilo LMS 代码问题漏洞
Chamilo LMS is an open-source online learning and collaboration system developed by Chamilo. This system supports the creation of teaching content, remote training, and online quizzes. Versions of Chamilo LMS prior to 2.0.0-RC.3 contained code vulnerabilities. These vulnerabilities stemmed from...
PT-2026-31437
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE DOWNLOAD FROM URL is enabled opt-in, authenticated users can supply remote image URLs that are fetched server-side via requests.get with only Django's URLValidator check. There is no validation again...
GHSA-X369-MCW8-8RVJ Dark Reader gives users the ability to request style sheets from local web servers
Description Dark Reader versions prior to 4.9.117 included a behavior where a website could request a style sheet from a locally running web server, for example http://localhost:8080/style.css, If an address was available and returned a text/css content type. Patches The problem was fixed in...
Chamilo 代码问题漏洞
Chamilo is an open-source learning management system developed by Chamilo. Versions of Chamilo prior to 1.11.28 had code vulnerabilities. These vulnerabilities stemmed from defects in the OpenId functionality, which could lead to forged server requests without proper verification...
CVE-2026-26075
FastGPT is an AI Agent building platform. Due to the fact that FastGPT's web page acquisition nodes, HTTP nodes, etc. need to initiate data acquisition requests from the server, there are certain security issues. In addition to implementing internal network isolation in the deployment environment...
GitLab 代码问题漏洞
GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. There are code-related vulnerabilities in versions of GitLab EE prior t...