Lucene search
K

138 matches found

EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42106

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollamabaseurl parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attack...

9.3CVSS6AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.7 views

PT-2026-56268

Name of the Vulnerable Software and Affected Versions mem0 affected versions not specified Description Unauthenticated config API endpoints expose LLM API keys in plaintext and enable server-side request forgery SSRF, a technique where an attacker induces the server to make requests to an...

9.3CVSS6.1AI score0.00259EPSS
Exploits0References8
OSV
OSV
added 2026/07/03 8:19 p.m.3 views

CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering...

9.6CVSS7.1AI score0.00464EPSS
Exploits1References7
OSV
OSV
added 2026/06/26 4:36 p.m.4 views

GHSA-72F5-RR8C-R6GR Fluentd is Vulnerable to Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

The outhttp output plugin allows the use of placeholders such as $tag in the endpoint configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by...

7.2CVSS6AI score0.00449EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/23 9:22 p.m.9 views

jackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF)

Summary JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution for hostname inputs at deserialization time. An application that binds untrusted JSON into a type containing an InetSocketAddress field issues an...

5.3CVSS5.9AI score0.00219EPSS
Exploits0References4Affected Software2
EUVD
EUVD
added 2026/06/15 7:28 p.m.12 views

EUVD-2026-32915

PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes...

8.8CVSS7.8AI score0.02214EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/11 2:50 p.m.6 views

Security Bulletin: IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718

Summary IBM Maximo Scheduler Optimizer uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

9.9CVSS6.5AI score0.01161EPSS
Exploits1Affected Software1
NVD
NVD
added 2026/06/10 10:17 p.m.9 views

CVE-2026-50131

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

8.6CVSS0.00269EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.11 views

PT-2026-48548

Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validation before runtime document and media fetching. However, the IPv4 validation logic present starting...

8.6CVSS5.4AI score0.00269EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 6:38 p.m.8 views

Security Bulletin: Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0

Summary Langflow OSS affected by vulnerabilies in Axios versions prior to 1.15.0 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checki...

9.9CVSS5.5AI score0.01161EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 7:24 p.m.10 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in axios-1.12.2.tgz Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when...

9.9CVSS5.8AI score0.01161EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.24 views

PT-2026-45022

Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.4 Description NodeVM allows the exclusion of public network builtins from the wildcard builtin option, which blocks direct access to modules such as 'http', 'https', 'http2', 'net', 'dgram', 'tls', 'dns', and...

8.6CVSS5.3AI score0.00282EPSS
Exploits0References6
PyPA
PyPA
added 2026/05/28 4:16 p.m.11 views

PYSEC-0000-CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS5.9AI score0.00181EPSS
Exploits1References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/28 3:53 p.m.22 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (2025-62718)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios i...

9.9CVSS6.4AI score0.01161EPSS
Exploits1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:0 p.m.14 views

CVE-2026-48522

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS6AI score0.00181EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 3:0 p.m.40 views

CVE-2026-48522 PyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemes

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen which uses Python stdlib's default OpenerDirector registering HTTPHandler, HTTPSHandler, FTPHandler, FileHandler, and DataHandler. There is currently no...

4.2CVSS0.00181EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/25 7:11 p.m.10 views

EUVD-2026-31718

Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix fo...

7.2CVSS5.8AI score0.0031EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Ruby-Nokogiri

Nokogiri is a Rubygem that provides HTML, XML, SAX, and Reader parsers, with support for XPath and CSS selectors. In Nokogiri versions prior to 1.11.0.rc4, there was an XXE vulnerability. XML schemas parsed by Nokogiri::XML::Schema are trusted by default, allowing external resources to be accesse...

4.3CVSS6.6AI score0.01109EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/08 10:47 p.m.6 views

CVE-2026-41682 pupnp: Port truncation via atoi() cast in parse_uri() allows SSRF port confusion

pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi cast in parseuri. This issue has been patched in version 1.18.5...

6.9CVSS5.7AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/07 4:18 a.m.51 views

CVE-2026-41413 Istio Vulnerable to SSRF via RequestAuthentication jwksUri

Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without filtering out localhos...

5CVSS0.00329EPSS
Exploits0References3
Rows per page
Query Builder