25661 matches found
CVE-2026-3576
CVE-2026-3576 affects the Planyo Online Reservation System plugin for WordPress (versions up to 3.0). The flaw is an unauthenticated Server-Side Request Forgery via the ulap_url AJAX proxy (ulap.php). The allowlist checks a host (e.g., localhost) but does not validate the URL scheme, allowing a c...
EUVD-2026-43084
Server-Side Request Forgery SSRF vulnerability in Drupal Drupal core allows Server Side Request Forgery. This issue affects Drupal core versions: from 0.0.0 to 10.5.12, from 10.6.0 to 10.6.11, from 11.2.0 to 11.2.14, from 11.3.0 to 11.3.12, from 0.0.0 to 11.0., from 0.0.0 to 11.1...
EUVD-2026-43057
Server-Side Request Forgery SSRF vulnerability in Drupal OpenAI Provider allows Server Side Request Forgery. This issue affects OpenAI Provider versions: from 0.0.0 to 1.1.1, from 1.2.0 to 1.2.2...
CVE-2026-55807
CVE-2026-55807 concerns a Server-Side Request Forgery in Drupal core related to the oEmbed URL discovery path within the Media module. The issue allows the server to make unauthorized requests to arbitrary URLs, as described by multiple sources. Affected Drupal core versions include 0.0.0–10.5.12...
CVE-2026-13233
Summary: CVE-2026-13233 is a Server-Side Request Forgery (SSRF) vulnerability in the Drupal OpenAI Provider module. The issue arises because the module does not sufficiently sanitize user-supplied URLs, enabling SSRF. Affected software: Drupal OpenAI Provider module (OpenAI as a provider for the ...
CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
CVE-2026-15146
GNU Wget is vulnerable in FTP passive mode due to not validating the IP address in the PASV response, enabling potential SSRF to localhost/internal resources via a malicious FTP/redirected HTTP server. The issue is addressed in the 4f85853f... commit, which validates the PASV address against the ...
CVE-2026-15146 CVE-2026-15146
GNU Wget does not validate the IP address provided by an FTP PASV response while operating in FTP passive mode. A malicious FTP server, or an HTTP server that redirects to an FTP URL, can exploit this behavior to redirect Wget’s data connection to an arbitrary IP address and port. This allows an...
CVE-2026-55641
9Router is an AI router & token saver. Prior to 0.5.2, 9router determines whether a /v1 LLM proxy request is local by reading the client-controlled Host header, allowing a remote unauthenticated attacker to send Host: localhost and bypass API-key authentication. In the default configuration, this...
CVE-2026-15143
A flaw was found in the filetype content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition XSD string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file...
CVE-2026-55641
9router (affected component: /v1 LLM proxy logic) had an unauthenticated bypass due to client-controlled Host header processing before version 0.5.2. This allowed a remote attacker to craft Host: localhost to bypass API-key checks, potentially enabling upstream provider calls with stored credenti...
CVE-2026-55641 9router: Unauthenticated `/v1` proxy access via `Host`-header spoofing → open AI relay + SSRF
9Router is an AI router & token saver. Prior to 0.5.2, 9router determines whether a /v1 LLM proxy request is local by reading the client-controlled Host header, allowing a remote unauthenticated attacker to send Host: localhost and bypass API-key authentication. In the default configuration, this...
CVE-2026-56676
9router is affected by an image prefetch DNS rebinding vulnerability (CVE-2026-56676). Prior to v0.5.2, the application validates the image URL by DNS resolution but then performs a server-side fetch with a separate DNS lookup, enabling an authenticated attacker with access to the LLM proxy to tr...
CVE-2026-15143
CVE-2026-15143 affects guardrails-detectors' file_type content detector. An attacker can supply an arbitrary XML Schema (XSD) string, processed without proper restrictions, enabling server-side requests to arbitrary URLs or local file reads and risking disclosure of sensitive information.
CVE-2026-60091
PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhookurl parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a...
CVE-2026-56261
Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...
CVE-2026-60091
PraisionAI before 4.6.78 is affected by an unauthenticated SSRF in the Jobs API /api/v1/runs. The webhook_url parameter is validated at request time but re-resolved at connection time, enabling DNS rebinding to reach internal services via a blind SSRF attack. CVSS metrics: CVSSv3.1 base score 7.2...
CVE-2026-60091 PraisonAI before 4.6.78 Unauthenticated SSRF via webhook_url
PraisonAI before 4.6.78 contains an unauthenticated server-side request forgery vulnerability in the Jobs API /api/v1/runs endpoint. The webhookurl parameter is validated at request time but re-resolved at connection time, allowing attackers to use DNS rebinding to reach internal services with a...
CVE-2026-56261
CVE-2026-56261 affects Crawl4AI prior to 0.8.7. The Docker API server endpoints /crawl/job and /llm/job accept webhook URLs without destination validation, allowing SSRF to private/internal IP ranges, Docker networks, or cloud metadata endpoints (e.g., 169.254.169.254). Potential impact is exposu...
CVE-2026-56261 Crawl4AI - Server-Side Request Forgery via Webhook URLs
Crawl4AI before 0.8.7 contains a server-side request forgery SSRF vulnerability in the Docker API server's /crawl/job and /llm/job endpoints, which accept webhook URLs without destination validation. An attacker can supply webhook URLs pointing to private or internal IP ranges, Docker networks, o...