Lucene search
+L

9430 matches found

Nuclei
Nuclei
added yesterday19 views

BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery

Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...

6.9CVSS5.3AI score0.0083EPSS
Exploits0References3
Nuclei
Nuclei
added yesterday38 views

Visualizer <3.3.1 - Blind Server-Side Request Forgery

Visualizer prior to 3.3.1 suffers from a blind server-side request forgery vulnerability via the /wp-json/visualizer/v1/upload-data endpoint. id: CVE-2019-16932 info: name: Visualizer 3.3.1 - Blind Server-Side Request Forgery author: akincibor severity: critical description: | Visualizer prior to...

10CVSS8.4AI score0.39137EPSS
Exploits2References5
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60971

A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.15.0-beta.32. This affects the function CheckSSRF/isPrivateIP of the file internal/tools/web shared.go of the component web fetch. Such manipulation leads to server-side request forgery. The attack can be launched...

6.5CVSS4.9AI score
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2 days ago6 views

CVE-2026-53727

cssparser is a Ruby CSS parser. From 2.2.0 until 3.0.0, CssParser::Parserreadremotefile in lib/cssparser/parser.rb, and therefore loaduri! and the @import-following branch of addblock!, issued HTTP and HTTPS requests against any host, port, and URI without a scheme allowlist, host or IP filtering...

8.9CVSS5.5AI score0.00489EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-53727 css_parser: SSRF and Local File Disclosure in `CssParser::Parser#read_remote_file`

cssparser is a Ruby CSS parser. From 2.2.0 until 3.0.0, CssParser::Parserreadremotefile in lib/cssparser/parser.rb, and therefore loaduri! and the @import-following branch of addblock!, issued HTTP and HTTPS requests against any host, port, and URI without a scheme allowlist, host or IP filtering...

8.9CVSS0.00489EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-45295

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allowing a malicious or compromised registry to cause SSRF to internal networks such as...

2.1CVSS5.2AI score0.0026EPSS
Exploits0References3
CVE
CVE
added 2 days ago18 views

CVE-2026-7754

CVE-2026-7754 affects Langflow OSS versions 1.0.0–1.10.0, where SSRF protection could be disabled by default settings, allowing an authenticated user to trigger server-side requests to arbitrary URLs (including metadata endpoints). The IBM bulletin confirms the vulnerability stems from misconfigu...

7.7CVSS5.3AI score0.00219EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-45194

Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers ca...

6.9CVSS5.5AI score0.00212EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago10 views

CVE-2026-41854

A flaw was found in Spring Framework. Due to incorrect host parsing in the UriComponentsBuilder component, applications that process externally provided URL strings may be vulnerable to a Server-Side Request Forgery SSRF attack. An SSRF attack allows an attacker to trick the server into making...

6.5CVSS4.9AI score0.00123EPSS
Exploits0References4
Nuclei
Nuclei
added 2 days ago117 views

Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery

Jenkins GitHub Plugin 1.29.1 and earlier is susceptible to server-side request forgery via GitHubTokenCredentialsCreator.java, which allows attackers to leverage attacker-specified credentials IDs obtained through another method and capture the credentials stored in Jenkins. id: CVE-2018-1000600...

8.8CVSS7.9AI score0.90894EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago72 views

WordPress Canto 1.3.0 - Blind Server-Side Request Forgery

WordPress Canto plugin 1.3.0 is susceptible to blind server-side request forgery. An attacker can make a request to any internal and external server via /includes/lib/detail.php?subdomain and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized administrative...

5.3CVSS5.8AI score0.27771EPSS
Exploits3References5
Nuclei
Nuclei
added 2 days ago83 views

Oracle Weblogic - Server-Side Request Forgery

An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services. id: CVE-2014-4210 info: name: Oracle Weblogic - Server-Side Request Forgery author:...

5CVSS8.4AI score0.38152EPSS
Exploits8References5
Nuclei
Nuclei
added 2 days ago88 views

LiteLLM - Server-Side Request Forgery

LiteLLM vulnerable to Server-Side Request Forgery SSRF vulnerability Exposes OpenAI API Keys. id: CVE-2024-6587 info: name: LiteLLM - Server-Side Request Forgery author: pdresearch,iamnoooob,rootxharsh,lambdasawa severity: high description: | LiteLLM vulnerable to Server-Side Request Forgery SSRF...

7.5CVSS7.7AI score0.37197EPSS
Exploits1References2
Nuclei
Nuclei
added 2 days ago163 views

GeoServer WPS - Server Side Request Forgery

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The OGC Web Processing Service WPS specification is designed to process information from any server using GET and POST requests. This presents the opportunity for Server Side Request...

9.8CVSS8.2AI score0.67715EPSS
Exploits0References4
Nuclei
Nuclei
added 2 days ago46 views

Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery

Ignite Realtime Openfire through version 4.4.2 allows attackers to send arbitrary HTTP GET requests in FaviconServlet.java, resulting in server-side request forgery. id: CVE-2019-18394 info: name: Ignite Realtime Openfire =4.4.3 to fix this vulnerability. reference: -...

9.8CVSS8.4AI score0.32304EPSS
Exploits1References5
Cvelist
Cvelist
added 2 days ago38 views

CVE-2026-62214 OpenClaw < 2026.5.28 Bot Framework SSRF via serviceUrl Parameter Validation

OpenClaw versions before 2026.5.28 Bot Framework contains an improper input validation vulnerability that allows lower-trust callers to expose bot tokens and credentials by failing to properly validate serviceUrl parameters. Attackers can supply malicious serviceUrl values through configured inpu...

6.5CVSS0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-60789

Dendrite through 0.13.8 contains a server-side request forgery vulnerability that allows unauthenticated attackers to cause the server to open outbound TLS connections to arbitrary hosts and ports by supplying an unvalidated serverName parameter to the legacy media download endpoint. Attackers ca...

6.9CVSS5.5AI score0.00212EPSS
Exploits0References3
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-44023 Docling Core has unsafe remote filename resolution

Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in...

8.6CVSS0.00286EPSS
Exploits0References2
CVE
CVE
added 3 days ago30 views

CVE-2026-44023

Docling Core (docling-core) versions &gt;= 1.5.0 and = 2.74.1 is recommended. If upgrading isn’t immediately possible, a workaround is to avoid passing untrusted URLs into remote fetch functionality. There is no exploitation detail in the provided documents, and no in‑the‑wild exploit information...

8.6CVSS6.1AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

CVE-2026-45568 zrok Python ProxyShare can be used as an SSRF proxy through absolute URL paths

zrok is software for sharing web services, files, and network resources. Prior to 2.0.3, zrok's Python SDK ProxyShare Flask proxy route accepts an absolute URL in the request path and passes it to urllib.parse.urljoin, allowing the requested path to replace the configured target host and causing...

9.9CVSS6.1AI score0.00356EPSS
Exploits0References5
Rows per page
Query Builder