CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/29 12:0 a.m.•8 views

PT-2026-45048

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 0.20.0 through 2.0.9 Description An authenticated user with low privileges can perform a blind Server-Side Request Forgery SSRF by creating or updating a DDNS profile. By configuring a provider webhook with an arbitra...

6.4CVSS5.5AI score0.0025EPSS

Exploits0References6

Positive Technologies•added 2026/05/29 12:0 a.m.•8 views

PT-2026-44801

A Server-Side Request Forgery SSRF vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary...

6.4CVSS5.9AI score0.00138EPSS

Positive Technologies•added 2026/05/29 12:0 a.m.•8 views

PT-2026-44923

Name of the Vulnerable Software and Affected Versions MoviePilot version v2 Description An issue exists in the image proxy endpoint '/api/v1/system/img/proxy' that allows authenticated attackers to request arbitrary URLs. By providing a resource token cookie and a URL with a domain that matches t...

7.7CVSS5.9AI score0.0025EPSS

Exploits0References8

CNNVD•added 2026/05/29 12:0 a.m.•7 views

Mautic 安全漏洞

Mautic is an open-source marketing automation software developed by Mautic. This software can monitor and manage websites, send emails, and manage customer resources. Mautic has a security vulnerability that stems from insufficient URL validation provided by users. This vulnerability may allow...

6.4CVSS5.8AI score0.00138EPSS

Exploits0References1

Positive Technologies•added 2026/05/29 12:0 a.m.•9 views

PT-2026-44978

Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl method in InteractsWithMedia.php...

7.4CVSS6AI score0.00248EPSS

Exploits0References5

Positive Technologies•added 2026/05/29 12:0 a.m.•11 views

PT-2026-44952

Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1 JetBrains TeamCity version 2025.11.5 Description An unauthenticated Server-Side Request Forgery SSRF is possible via the build status. SSRF is a flaw that allows an attacker to induce the server-side...

7.5CVSS5.8AI score0.00287EPSS

Exploits0References4

Positive Technologies•added 2026/05/29 12:0 a.m.•9 views

PT-2026-44802

A Server-Side Template Injection SSTI vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function restrictions. Authenticated users with permissions to create or upload themes can abuse this to execute arbitrary code on the...

9.9CVSS6.3AI score0.00439EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•14 views

openSUSE 16 Security Update : apache2 (openSUSE-SU-2026:20810-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20810-1 advisory. Changes in apache2: Version update to 2.4.66 jscPED-16181 SECURITY: CVE-2025-66200: Apache HTTP Server: moduserdir+suexec bypass via AllowOverri...

9.1CVSS7AI score0.03322EPSS

Exploits2References24

Packet Storm•added 2026/05/29 12:0 a.m.•45 views

📄 EspoCRM 9.3.3 Server-Side Request Forgery

EspoCRM version 9.3.3 suffers from an authenticated server-side request forgery vulnerability. Exploit Title: EspoCRM 9.3.3 - Authenticated SSRF via Alternative IPv4 Notation Google Dork: N/A Date: 2026-05-08 Exploit Author: Max Gabriel https://github.com/EntroVyx Vendor Homepage:...

4.3CVSS5.8AI score0.01978EPSS

Exploits5

Redos•added 2026/05/29 12:0 a.m.•10 views

ROS-20260529-73-0011

The vulnerability in the vault is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to execute a SSRF attack remotely...

8.6CVSS5.9AI score0.00332EPSS

Exploits0

GitLab Advisory Database•added 2026/05/29 12:0 a.m.•7 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

GitLab Advisory Database•added 2026/05/29 12:0 a.m.•9 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

GitLab Advisory Database•added 2026/05/29 12:0 a.m.•10 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

GitLab Advisory Database•added 2026/05/29 12:0 a.m.•10 views

CC-Tweaked has an SSRF Protection Bypass with NAT64

Snyk•added 2026/05/28 10:45 p.m.•4 views

Server-side Request Forgery (SSRF)

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Webhook connector. An attacker can access internal network resources by configuring a...

7.7CVSS5.3AI score0.00272EPSS

Snyk•added 2026/05/28 10:44 p.m.•5 views

Server-side Request Forgery (SSRF)

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the connector management. An attacker can access internal network resources by bypassing...

7.7CVSS5.3AI score0.0018EPSS