24929 matches found
EUVD-2026-33035
Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...
CVE-2026-49093
CVE-2026-49093 describes a Server-Side Request Forgery (SSRF) in Kibana that can be exploited by an authenticated user with connector management privileges to bypass the operator-configured allowlist and make Kibana issue outbound requests to blocked destinations. The issue affects Kibana 9.x ver...
CVE-2026-49093 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access
Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...
CVE-2026-49093 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access
Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress controls were intended to block...
CVE-2026-42398
Kibana is affected by SSRF (CWE-918) where authenticated users with connector-management privileges can bypass the operator-configured allowlist by configuring a Webhook connector to target destinations. The issue allows outbound requests to blocked destinations as per egress controls. Affected v...
CVE-2026-42398
Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations...
CVE-2026-42398 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access
Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations...
EUVD-2026-33032
Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations...
CVE-2026-42398 Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access
Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kibana to issue outbound requests to destinations...
Kibana 9.3.3 Security Update (ESA-2026-40)
Server-Side Request Forgery SSRF in Kibana Leading to Unauthorized Network Access Server-Side Request Forgery CWE-918 in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound...
Kibana 9.2.8, and 9.3.2 Security Update (ESA-2026-37)
Server-Side Request Forgery SSRF in Kibana Leading to Unauthorized Network Access Server-Side Request Forgery CWE-918 in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted...
GHSA-G23J-2VWM-5C25 local-deep-research has an SSRF bypass in `safe_get`
Summary The URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. Details The current project uses validateurl to validate the input URL. The main logic is to perform security checks on the host portion of the URL extracted by...
local-deep-research has an SSRF bypass in `safe_get`
Summary The URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. Details The current project uses validateurl to validate the input URL. The main logic is to perform security checks on the host portion of the URL extracted by...
CVE-2026-49129
Music Player Daemon (MPD) <= 0.24.10 contains a server-side request forgery (SSRF) in CurlInputPlugin by setting CURLOPT_FOLLOWLOCATION without CURLOPT_REDIR_PROTOCOLS_STR. This allows unauthenticated attackers to bypass the http/https scheme restriction and redirect to non-HTTP protocols (e.g...
CVE-2026-49129 Music Player Daemon < 0.24.11 SSRF via CurlInputPlugin
Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...
EUVD-2026-33005
Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...
CVE-2026-49129
Music Player Daemon MPD before version 0.24.11 contains a server-side request forgery vulnerability in CurlInputPlugin where CURLOPTFOLLOWLOCATION is set without CURLOPTREDIRPROTOCOLSSTR, allowing unauthenticated attackers to bypass the http/https scheme restriction by causing a malicious HTTP...
GHSA-GG2G-P7XC-QQMM compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...
compliance-trestle Vulnerable to Remote Code Execution via Recursive Server-Side Template Injection (SSTI)
A High severity Server-Side Template Injection SSTI vulnerability exists in the trestle author jinja command. The command recursively evaluates rendered templates, allowing an attacker to achieve arbitrary command execution with privileges of the running process by injecting malicious payloads in...
Server-side Request Forgery (SSRF)
Overview compliance-trestle is a Tools to manage & autogenerate python objects representing the OSCAL layers/models Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the HTTPSFetcher.dofetch function. A user can access internal services or cloud metadata...