24840 matches found
CVE-2026-48858
The CVE-2026-48858 entry describes a Server-Side Request Forgery (SSRF) flaw in Erlang/OTP ftp’s PASV path: the ftp_internal PASV handler accepts the server’s 227 response IP and passes it to gen_tcp:connect without validating it against the control connection peer, unlike EPSV handlers. This ena...
CVE-2026-48858
Server-Side Request Forgery (SSRF) vulnerability in the Erlang/OTP ftp `ftp_internal` module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The `ftp_internal:handle_ctrl_result/2` PASV handler (mode=passive, ipfamily=inet, ftp_extension=false) extracts the IP address from the...
CVE-2026-45561 Roxy-WI: SSRF in /smon/agent/<endpoint>/<server_ip> reachable to cloud metadata IPs
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/ family of routes takes the URL path component verbatim into `requests.get(f'http://{server_ip}:{agent_port}/...')`. The path component is...
CVE-2026-45561
CVE-2026-45561 affects Roxy-WI web interface (versions 8.2.6.4 and earlier) and allows SSRF via the /smon/agent/{version,uptime,status,checks}/ endpoints. The path component is passed verbatim into requests.get("http://{server_ip}:{agent_port}/...") and is only constrained by Flask’s default URL ...
crawlee code issue vulnerability
Crawlee is an open-source web scraping and browser automation library developed by Apify. Versions of Crawlee from 1.0.0 to 1.7.0 had code vulnerabilities. These vulnerabilities stemmed from URLs generated using site maps, which could lead to server-side request forgery attacks...
Splunk Cloud Platform and Splunk Enterprise code issue vulnerability
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There are code vulnerabilities in...
PT-2026-48476
Affected: @hulumi/policies 1.4.0 — Fixed in: 1.4.0 — Severity: High — CWE-284 Improper Access Control Summary HULUMI-H1 forbids raw aws:s3:Bucket outside of Hulumi's SecureBucket component, with one exemption: a raw bucket that's a child of a SecureBucket is allowed because the component is...
PT-2026-48480
Summary Papra's webhook delivery system contains an SSRF protection bypass that allows any authenticated organisation member to cause the server to make HTTP requests to internal addresses — loopback, link-local, and RFC-1918 ranges. The SSRF protection validates the registered webhook URL but...
PT-2026-48465
Summary Server-Side Request Forgery (SSRF) vulnerability in the Erlang/OTP ftp `ftp_internal` module allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The `ftp_internal:handle_ctrl_result/2` PASV handler (mode=passive, ipfamily=inet, ftp_extension=false) extracts the IP address...
Fedify code issue vulnerability
Fedify is a TypeScript library developed by Hong Minhee. It is used to build federated server applications that support ActivityPub and other standards. Versions of Fedify prior to 1.9.12, 1.10.11, 2.0.19, 2.1.15, and 2.2.4 have code vulnerabilities. These vulnerabilities stem from an incomplete...
Server-side Request Forgery (SSRF)
Overview org.springframework.ws:spring-ws-core is a product of the Spring community focused on creating document-driven Web services. Spring Web Services aims to facilitate contract-first SOAP service development, allowing for the creation of flexible web services using one of the many ways to...
PhoenixStorybook: Unauthenticated remote code execution via HEEx template injection in phoenix_storybook playground
Summary An unsafe HEEx template generation vulnerability allows any unauthenticated user to execute arbitrary code on the server. The phoenix_storybook playground accepts user-controlled attribute values over WebSocket and interpolates them unsanitized into a HEEx template that is subsequently...
CVE-2026-42863
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the chatflow update endpoint of FlowiseAI. The endpoint allows clients to modify server-controlled properties such as deployed, isPublic,...
CVE-2026-47938
Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-47938) that could lead to arbitrary code execution in the context of the current user without user interaction. CVSSv3.1 base score 10.0 (CRITICAL), vect...
CVE-2026-47938 Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSRF) (CWE-918)
Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed...
EUVD-2026-35839
Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed...
EUVD-2026-35680
Server-side request forgery (SSRF) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...
EUVD-2026-35678
Server-side request forgery (SSRF) in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...
EUVD-2026-35677
Server-side request forgery (SSRF) in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35446
CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an attacker with a Data Center Expert user account submits crafted XML payloads to SOAP service endpoints...