CVE-2026-56771

NewsBlur before version 14.5.0 contains a server-side request forgery vulnerability in the addurl endpoint that allows authenticated users to make arbitrary server requests to internal networks by failing to filter private IP addresses. Attackers can exploit this to access localhost services and...

CVE-2026-53470 Migration-planner: getsourcedownloadurl missing organization check

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...

CVE-2026-53470

A flaw was found in migration-planner. An authenticated attacker could exploit an improper access control vulnerability in the /api/v1/sources/id/image-url endpoint. This flaw allows the attacker to bypass an ownership check and obtain presigned S3 URLs for Open Virtual Appliance OVA images...

Migration assessment 安全漏洞

Migration assessment is an open-source tool developed by KubeV2V for evaluating and providing migration recommendations for VMware environments. There is a security vulnerability in Migration assessment. This vulnerability stems from the /api/v1/sources/id/image-url endpoint, where improper acces...

CVE-2026-42595 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

CVE-2026-42595 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, Gotenberg's Chromium URL-to-PDF endpoint /forms/chromium/convert/url has no default protection against HTTP/HTTPS-based SSRF. The default deny-list regex only blocks file:// URIs. An unauthenticated attacker can point...

Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

A review of 4 published Gotenberg security advisories exposed an SSRF issue. GHSA-pjrr-jgp4-v2fm covers SSRF via the downloadFrom endpoint. GHSA-pcrp-7g9h-7qhp covers SSRF via the webhook endpoint. Neither advisory addresses SSRF through the primary Chromium URL-to-PDF conversion endpoint...

GHSA-CHWH-F6GM-R836 Gotenberg: Server-Side Request Forgery via Chromium URL Endpoint with Redirect-Based Deny-List Bypass

A review of 4 published Gotenberg security advisories exposed an SSRF issue. GHSA-pjrr-jgp4-v2fm covers SSRF via the downloadFrom endpoint. GHSA-pcrp-7g9h-7qhp covers SSRF via the webhook endpoint. Neither advisory addresses SSRF through the primary Chromium URL-to-PDF conversion endpoint...

CVE-2026-7221

CVE-2026-7221 affects TencentCloudBase CloudBase-MCP (up to v2.17.0) with a vulnerability in the openUrl function (mcp/src/interactive-server.ts) of the open-url API Endpoint. Manipulating req.body.url enables server-side request forgery (SSRF) and can be exploited remotely; the exploit is public...

Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system OS commands under certain conditions. "The vulnerability allows remote unauthenticated attackers to easily...

PT-2025-44787

Name of the Vulnerable Software and Affected Versions React Native Community CLI versions 4.8.0 through 20.0.0-alpha.2 Description The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint vulnerable to...

CVE-2022-32013

Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit=...

PT-2024-36472 · Unknown · Stirling-Pdf

Name of the Vulnerable Software and Affected Versions: Stirling-PDF version 0.35.1 Description: A Server-Side Request Forgery SSRF issue in the endpoint "http://your-server/url-to-pdf" of Stirling-PDF allows attackers to access sensitive information via a crafted request. This enables attackers t...

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions...

CVE-2024-29010

The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity XXE injection, potentially resulting in the disclosure of sensitive information. This issue affects GMS: 9.3.4 and earlier versions...

CVE-2023-39279

SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash...

Stack overflow

SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash...

CVE-2023-41712

SonicOS post-authentication Stack-Based Buffer Overflow Vulnerability in the SSL VPN plainprefs.exp URL endpoint leads to a firewall crash...

CVE-2023-39279

SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash...

CVE-2023-39279

SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash...