65 matches found
CVE-2026-59702
Summary: CVE-2026-59702 affects repomix. A server-side request forgery exists in POST /api/pack, where unauthenticated attackers can cause the server to fetch arbitrary URLs without proper validation. The endpoint accepts http://, https://, and file:// URLs and passes them to git clone, enabling ...
EUVD-2026-42298
repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that allows unauthenticated attackers to make arbitrary outbound requests. The endpoint fails to properly validate http://, https://, and file:// URLs before passing them to git clone, enabling attackers t...
GHSA-V54H-CP2W-9X4G Coder's session token leaked to arbitrary hosts via `coder open app` for external workspace apps
Summary coder open app opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the $SESSIONTOKEN placeholder the CLI replaces it with the user's real session token before handing the URL to the OS open handler. Note: Practical exploitation requir...
EUVD-2026-40400
IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...
EUVD-2026-11599
OpenCTI has Semi-Blind SSRF via Unvalidated External URL in Data Ingestion Feature...
Use of Hard-coded Credentials
Overview Crawl4AI is a 🚀🤖 Crawl4AI: Open-source LLM Friendly Web Crawler & scraper Affected versions of this package are vulnerable to Use of Hard-coded Credentials via the outputpath parameter, which allows arbitrary filesystem paths without validation. An attacker can overwrite or create files ...
CVE-2026-11424 Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure
A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...
CVE-2026-45609 mcp-security: Unvalidated URL Fetching (SSRF)
mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted...
CVE-2026-45609
CVE-2026-45609 concerns the mcp-security component of Spring AI, where unvalidated URL fetching enables SSRF prior to version 0.1.9. The vulnerability affects installations with Dynamic Client Registration (DCR) enabled and involves processing untrusted URLs used for OAuth-related discovery and m...
PT-2026-42673
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.04.1 Description A reflected Cross-Site Scripting XSS issue exists in the Page Leaving Warning page. The application reads the ncRedirectUrl and ncBackUrl query parameters from the route query without proper...
GHSA-QJP4-4JVR-XQG3 Spring AI MCP Security: Unvalidated URL Fetching (SSRF)
Summary The mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted URLs for OAuth-related discovery and metadata without verifying if the targets are malicious or internal to...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via unvalidated URL processing in the OAuth2 dynamic client registration process. An attacker can access internal network resources or sensitive information by supplying malicious URLs to be fetched by t...
Spring AI MCP Security: Unvalidated URL Fetching (SSRF)
Summary The mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol MCP security specifications. Specifically, it processes untrusted URLs for OAuth-related discovery and metadata without verifying if the targets are malicious or internal to...
EUVD-2026-29542
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch on agent-supplied URLs without validating scheme, port, or resolved IP, resulting in an SSRF vulnerability. This vulnerability is fixed in 0.x.y-security-1...
CVE-2026-6229
The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due to insufficient validation of user-supplied URLs in the rendercsvdata function, which can be bypassed by including 'docs.google.com/spreadsheets' in...
PT-2026-34846
Name of the Vulnerable Software and Affected Versions Kyverno versions prior to 1.18.0 Kyverno versions prior to 1.17.2 Kyverno versions prior to 1.16.4 Description The apiCall feature in ClusterPolicy automatically attaches the admission controller's ServiceAccount token to outgoing HTTP request...
GHSA-FMQP-4WFC-W3V7 Kyverno APICall SSRF Vulnerability Leading to Multi-Tenant Isolation Breach
Summary Kyverno's APICall feature contains a Server-Side Request Forgery SSRF vulnerability that allows users with Policy creation permissions to access arbitrary internal resources through Kyverno's high-privilege ServiceAccount. In multi-tenant Kubernetes environments, this constitutes a classi...
PraisonAIAgents has SSRF and Local File Read via Unvalidated URLs in web_crawl Tool
Summary The webcrawl function in praisonaiagents/tools/webcrawltools.py accepts arbitrary URLs from AI agents with zero validation. No scheme allowlisting, hostname/IP blocklisting, or private network checks are applied before fetching. This allows an attacker or prompt injection in crawled conte...
CVE-2026-40160 PraisonAIAgents has SSRF via unvalidated URL in `web_crawl` httpx fallback
PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, webcrawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get with followredirects=True and no host validation. An LLM agent tricked into crawling an internal URL can reach cloud metadata endpoints...
CVE-2026-40150
PraxisonAIAgents’ web_crawl() (praisonaiagents/tools/web_crawl_tools.py) before version 1.5.128 accepts arbitrary URLs with zero validation. There is no scheme allowlisting, hostname/IP blocklisting, or private-network checks prior to fetching, enabling potential SSRF and local file read via file...