PT-2026-47973

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a condition where malicious scripts are injected into trusted websites...

PT-2026-47976

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description A server-side request forgery SSRF issue allows an authorized attacker to elevate privileges over a network. SSRF is a flaw where an attacker can induce the server-side...

Adobe Campaign Classic 代码问题漏洞

Adobe Campaign Classic is a enterprise-level marketing automation and campaign management platform developed by Adobe Inc. Versions of Adobe Campaign Classic 7.4.3 build 9394 and earlier have code vulnerabilities that stem from server-side request forgery, which may lead to privilege escalation...

PT-2026-47974

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...

PT-2026-47665

Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a server-side request forgery SSRF attack. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18...

GHSA-8GHR-W65F-J3QR FUXA's scheduler API missing admin check enables operator-to-admin escalation via scheduled device actions

Summary An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be restricted to administrators. Details The Scheduler API did not correctly enforce administrator permissions when processing scheduler modifications. As a...

FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPERTY with response reading

Summary An unauthenticated attacker Alice connects to FUXA's Socket.IO endpoint and emits a device-webapi-request event whose property.address field names an arbitrary URL. FUXA's DEVICEWEBAPIREQUEST handler at server/runtime/index.js:296 calls axios.getaddress server-side and broadcasts the full...

GHSA-W86F-RF9W-H3X6 FUXA: Unauthenticated SSRF via Socket.IO DEVICE_WEBAPI_REQUEST and DEVICE_PROPERTY with response reading

Summary An unauthenticated attacker Alice connects to FUXA's Socket.IO endpoint and emits a device-webapi-request event whose property.address field names an arbitrary URL. FUXA's DEVICEWEBAPIREQUEST handler at server/runtime/index.js:296 calls axios.getaddress server-side and broadcasts the full...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to Server-side Request Forgery CVE-2026-1180

Summary keycloak is used by the IBM Datapower Operations Dashboard as part of their IAM and SSO implementation Vulnerability Details CVEID:CVE-2026-1180 DESCRIPTION: A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using privatekeyjw...

CVE-2026-42861

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the variable update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...

CVE-2026-42863 Flowise: Mass Assignment in Chatflow Update Endpoint Allows Cross-Workspace AgentFlow Reassignment

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the chatflow update endpoint of FlowiseAI. The endpoint allows clients to modify server-controlled properties such as deployed, isPublic,...

CVE-2026-42862 Flowise: Mass Assignment in Tool Update Endpoint Allows Cross-Workspace Resource Reassignment

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the tool update endpoint of FlowiseAI. The endpoint allows authenticated users to modify server-controlled properties such as workspaceId,...

CVE-2026-42861

Summary: CVE-2026-42861 affects Flowise (pre-3.1.2) with a mass assignment flaw in the variable update endpoint. What’s vulnerable: the PUT /api/v1/variables/{variableId} endpoint allows authenticated users to modify server-controlled fields (workspaceId, createdDate, updatedDate) by submitting t...

CVE-2026-11437

A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

Server-side Request Forgery (SSRF)

Overview geonode is an application for serving and sharing geospatial data Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the service registration endpoint. An attacker can access internal network resources and sensitive endpoints by submitting crafted...

GeoNode contains a server-side request forgery vulnerability in the service registration endpoint

GeoNode versions 4.4.5 and 5.0.2 and prior within their respective releases contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound network requests to arbitrary URLs by submitting a crafted service URL durin...

GHSA-HW9R-6M78-W6H3 GeoNode contains a server-side request forgery vulnerability in the service registration endpoint

GeoNode versions 4.4.5 and 5.0.2 and prior within their respective releases contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated attackers to trigger outbound network requests to arbitrary URLs by submitting a crafted service URL durin...

CVE-2023-54350

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...

CVE-2023-54352

The CVE-2023-54352 entry concerns WordPress Seotheme, where unauthenticated attackers can trigger remote code execution by uploading malicious files to the theme directory. The attack enables access to a PHP shell at /wp-content/themes/seotheme/mar.php to run system commands and upload additional...

CVE-2026-11469

A flaw has been found in jishenghua jshERP up to 3.6. Impacted is the function insertPlatformConfig of the file jshERP-boot/src/main/java/com/jsh/erp/service/PlatformConfigService.java of the component platformConfig Add Endpoint. Executing a manipulation of the argument platformValue can lead to...