CVE-2026-9204 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to read arbitrary files from the Gitaly server and access internal network resources...

CVE-2026-40999

CVE-2026-40999 affects Spring Web Services (versions across 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, 5.0.0–5.0.1). When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS can initiate outbound connections via configured WebServiceMessageSender instances to destination...

CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations

When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...

Updated roundcubemail packages fix security vulnerabilities

Multiple security vulnerabilities were discovered in RoundCube Webmail, which could result in cross-site scripting, SQL injection, SSRF bypass, information disclosure, denial of service or code injection...

PT-2026-48732

Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations by supplying...

PT-2026-48697

Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy includes/Media Proxy.php with permission callback = return true that accepted a base64-encoded URL and forwarded it to wp remote get$url...

PT-2026-48742

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.18 Description An issue in browser control allows authenticated users to perform server-side request forgery SSRF, which is a flaw that enables an attacker to induce the server-side application to make request...

PT-2026-48671

Name of the Vulnerable Software and Affected Versions IBM Langflow Desktop versions 1.0.0 through 1.9.2 Description IBM Langflow is susceptible to server-side request forgery SSRF, a flaw where the server can be coerced into making requests to an unintended location. This issue can be triggered v...

Gitlab -- vulnerabilities

Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Denial of Service issue in Grape API JSON parsing middleware impacts GitLab CE/EE HTML injection issue in certain group setting fields...

Summarize 代码问题漏洞

Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.17.0 contained code vulnerabilities. These vulnerabilities were caused by server-side request forgeing attacks. Attackers could exploit these vulnerabilities by providing maliciou...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.18 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgeing issues in browser control, allowing authenticated users to bypass private network...

IBM Langflow Desktop 代码问题漏洞

IBM Langflow Desktop is a desktop application for AI process orchestration developed by IBM. Versions 1.0.0 to 1.9.2 of IBM Langflow Desktop have code vulnerabilities. These vulnerabilities are due to susceptibility to server-side request forgeing attacks, which may allow authenticated attackers ...

FreeBSD : Erlang/OTP -- FTP passive-mode client does not validate server response IP (d87e0681-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e0681-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-24cv-hwgr-37fq reports: The FTP client in passiv...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : Apache HTTP Server vulnerabilities (USN-8338-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8338-1 advisory. It was discovered that Apache HTTP Server incorrectly handled certain response headers. An attacker could possibly us...

GHSA-9PG3-25FQ-P6CC nebula-mesh: Newly-minted operator API key exposed in redirect URL (Referer, history, proxy logs)

internal/web/operators.go:251 — after handleOperatorCreateAPIKey mints a fresh 32-byte bearer token, the redirect points the operator's browser at: /ui/operators/?newkey=&keyname= The raw API key ends up: - in the browser's URL history - in the Referer header on every cross-origin asset the detai...

CVE-2026-45502

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...

CVE-2026-47938

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed...

CVE-2026-45504

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...

CVE-2026-50131 Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

CVE-2026-50131

Fedify (TypeScript federated server framework) has an incomplete SSRF mitigation in validatePublicUrl(): isValidPublicIPv4Address() blocks common private/local ranges but still treats several special-use, reserved, multicast, benchmarking, and carrier-grade NAT IPv4 ranges as valid. This exposes ...