Lucene search
K

25368 matches found

NVD
NVD
added 2 days ago7 views

CVE-2026-55115

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-54401

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...

7.7CVSS0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41394

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-55113

A malicious actor with access to the network could exploit a Server-Side Request Forgery SSRF vulnerability found in UniFi Talk Application to execute a Denial of Service DoS attack and bypass authentication in certain UniFi Talk API endpoints...

7.5CVSS0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-41398

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago2 views

CVE-2026-55115

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago2 views

CVE-2026-54401

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-54401

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...

7.7CVSS0.00201EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-41392

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-57681

Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...

6.4CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2 days ago9 views

CVE-2026-57621

Unauthenticated PHP Object Injection in Booktics = 1.0.21 versions...

9.8CVSS0.00336EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-57348

Unauthenticated Server Side Request Forgery SSRF in Paid Member Subscriptions = 3.0.4 versions...

7.2CVSS0.00203EPSS
Exploits0References1
NVD
NVD
added 2 days ago10 views

CVE-2026-54430

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57681 WordPress GeoDirectory plugin <= 2.8.161 - Server Side Request Forgery (SSRF) vulnerability

Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...

6.4CVSS0.0023EPSS
Exploits0References1
CVE
CVE
added 2 days ago7 views

CVE-2026-57681

The CVE describes a Server Side Request Forgery (SSRF) vulnerability in the WordPress GeoDirectory plugin for WordPress, specifically version

6.4CVSS5.8AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-41290

Subscriber Server Side Request Forgery SSRF in GeoDirectory = 2.8.161 versions...

6.4CVSS5.8AI score0.0023EPSS
Exploits0References1
CVE
CVE
added 2 days ago6 views

CVE-2026-57348

CVE-2026-57348 affects WordPress plugin Paid Member Subscriptions (versions &lt;= 3.0.4). An unauthenticated server-side request forgery (SSRF) vulnerability exists in this plugin, enabling an attacker to induce the server to fetch arbitrary resources. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C...

7.2CVSS5.8AI score0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57348 WordPress Paid Member Subscriptions plugin <= 3.0.4 - Server Side Request Forgery (SSRF) vulnerability

Unauthenticated Server Side Request Forgery SSRF in Paid Member Subscriptions = 3.0.4 versions...

7.2CVSS0.00203EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-54430

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS5.8AI score0.00121EPSS
Exploits0
Rows per page
Query Builder