Lucene search
+L

10857 matches found

nuclei
nuclei
added yesterday86 views

ColumbiaSoft DocumentLocator - Improper Authentication

Instances of ColumbiaSoft's Document Locator prior to version 7.2 SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF vulnerability. This template identifies vulnerable instances of the ColumbiaSoft Document Locater application by confirming external DNS interaction/lookups by...

9.8CVSS7.1AI score0.61043EPSS
Exploits0References4
nuclei
nuclei
added yesterday25 views

Qualitor <= v8.24 - Server-Side Request Forgery

Qualitor v8.24 was discovered to contain a Server-Side Request Forgery SSRF via the component /request/viewValidacao.php. id: CVE-2024-48360 info: name: Qualitor = v8.24 - Server-Side Request Forgery author: s4e-io severity: high description: | Qualitor v8.24 was discovered to contain a Server-Si...

7.5CVSS6AI score0.03905EPSS
Exploits3References3
nuclei
nuclei
added yesterday90 views

LocalAI - Partial Local File Read

A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery SSRF and partial Local File Inclusion LFI. The endpoint supports both https-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the...

5.8CVSS6.3AI score0.02475EPSS
Exploits1References3
nuclei
nuclei
added yesterday80 views

Apache HTTPd Windows UNC - Server-Side Request Forgery

SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note- Existing configurations that access UNC paths will have to configure new...

7.5CVSS6.7AI score0.6795EPSS
Exploits1References5
euvd
euvd
added 2 days ago5 views

EUVD-2026-44762

Strands Agents is an open-source Python SDK for building and running AI agents. The strands-agents-tools package provides pre-built tools for use with the SDK, including the elasticsearchmemory tool for agent memory storage. We identified CVE-2026-15746, a server-side request forgery SSRF issue i...

6.9CVSS6.1AI score0.00244EPSS
Exploits0References3
cvelist
cvelist
added 2 days ago30 views

CVE-2026-53513 Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, the @better-auth/sso plugin's POST /sso/register and POST /sso/update-provider endpoints accept attacker-controlled oidcConfig.userInfoEndpoint, tokenEndpoint, and jwksEndpoint URLs when skipDiscovery: tru...

9.6CVSS0.00252EPSS
Exploits0References4
nvd
nvd
added 2 days ago6 views

CVE-2026-61835

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts treats 0.0.0.0 as a keyword for local interfaces but...

7.7CVSS0.0025EPSS
Exploits0References4
cvelist
cvelist
added 2 days ago34 views

CVE-2026-54562 Cloudreve: Non-admin remote download users can SSRF loopback/internal services and read imported responses

Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...

6.5CVSS0.00231EPSS
Exploits0References3
ncsc
ncsc
added 2 days ago10 views

Zero-day vulnerabilities are exploited in SonicWall SMA1000 devices.

SonicWall has identified two vulnerabilities in the SonicWall SMA1000 appliance. The vulnerability with the identifier CVE-2026-15409 involves Server-Side Request Forgery SSRF in the Work Place interface, allowing an unauthorized attacker to send requests to the device to unintended locations. Th...

10CVSS6.4AI score0.01486EPSS
Exploits4References1
euvd
euvd
added 2 days ago8 views

EUVD-2026-44597

A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud...

8.6CVSS6.2AI score0.00312EPSS
Exploits0References1
nuclei
nuclei
added 2 days ago94 views

VMWare Workspace ONE UEM - Server-Side Request Forgery

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain a server-side request forgery vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without...

7.5CVSS7.1AI score0.97713EPSS
Exploits1References5
nuclei
nuclei
added 2 days ago107 views

XStream <1.4.15 - Server-Side Request Forgery

XStream before 1.4.15 is susceptible to server-side request forgery. An attacker can request data from internal resources that are not publicly available by manipulating the processed input stream, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorize...

7.7CVSS6.9AI score0.82238EPSS
Exploits4References5
nessus
nessus
added 2 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-62643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or...

7.2CVSS6.8AI score0.0031EPSS
Exploits0References3
cvelist
cvelist
added 3 days ago39 views

CVE-2026-15409

A Server-side request forgery SSRF vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location...

0.01266EPSS
Exploits3References1
cve
cve
added 3 days ago23 views

CVE-2026-48736

Summary: CVE-2026-48736 affects Symfony's NoPrivateNetworkHttpClient and IpUtils::PRIVATE_SUBNETS, where IPv6 transition prefixes (6to4, NAT64, Teredo, IPv4‑mapped IPv6) could bypass private‑IP checks and enable SSRF-like behavior when processing attacker‑supplied URLs. What’s affected: Symfony f...

8.6CVSS6.1AI score0.0046EPSS
Exploits0References6Affected Software1
euvd
euvd
added 3 days ago11 views

EUVD-2026-36132

Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges...

8.6CVSS6.1AI score0.00269EPSS
Exploits1References2
osv
osv
added 3 days ago3 views

CVE-2026-62643

In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. NOTE: this issue exists because of insufficient fixes for...

7.2CVSS6.1AI score0.00224EPSS
Exploits0References7
redhatcve
redhatcve
added 3 days ago6 views

CVE-2026-48978

A flaw was found in oras-go. The auth.Client in oras-go does not properly validate the scheme or host of the realm URL provided in a registry's WWW-Authenticate: Bearer challenge. A remote attacker, operating a malicious registry or performing a man-in-the-middle attack, could exploit this to...

3.1CVSS6AI score
Exploits0References4
nuclei
nuclei
added 3 days ago135 views

Emby < 4.5.0 - Server Server-Side Request Forgery

Emby Server before 4.5.0 allows server-side request forgery SSRF via the Items/RemoteSearch/Image ImageURL parameter. id: CVE-2020-26948 info: name: Emby 4.5.0 - Server Server-Side Request Forgery author: dwisiswant0 severity: critical description: | Emby Server before 4.5.0 allows server-side...

9.8CVSS7AI score0.87154EPSS
Exploits4References5
nuclei
nuclei
added 3 days ago564 views

ChatGPT-Next-Web - SSRF/XSS

Full-Read SSRF/XSS in NextChat, aka ChatGPT-Next-Web id: CVE-2023-49785 info: name: ChatGPT-Next-Web - SSRF/XSS author: high severity: critical description: | Full-Read SSRF/XSS in NextChat, aka ChatGPT-Next-Web impact: | Unauthenticated attackers can exploit SSRF vulnerabilities through the...

9.8CVSS7AI score0.83163EPSS
Exploits1References2
Rows per page
Query Builder