Lucene search
K
GithubRecent

33225 matches found

Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache ActiveMQ, Apache ActiveMQ Web have a Cross-site Scripting issue

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS5.9AI score0.01107EPSS
Exploits1References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.3 views

Apache Airflow vulnerable to Improper Neutralization of Special Elements Used in a Template Engine

Apache Airflow's official documentation at core-concepts/dag-run.html "Passing Parameters when triggering Dags" showed a verbatim BashOperatorbashcommand="echo value: dagrun.conf'conf1' " example without any quoting / sanitization warning. Dag authors who copied the pattern verbatim into...

9.1CVSS6AI score0.00369EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache Solr has hardcoded credentials in the Basic Authentication setup tool

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS6AI score0.00529EPSS
Exploits2References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache Airflow Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

A bug in Apache Airflow's Variable response masker caused nested-key redaction triggered by secret-suffixed key names like password, token, secret, apikey to be bypassed when the JSON value's nesting depth exceeded the shared secrets masker's recursion limit: the masker returned the original nest...

6.5CVSS6AI score0.00335EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.2 views

Apache Airflow Vulnerable to Authorization Bypass Through User-Controlled Key

A bug in Apache Airflow's bulk Task Instances API PATCH/DELETE /api/v2/dags/dagid/dagRuns/dagrunid/taskInstances evaluated authorization against the dagid resolved from the URL path while operating on the dagid / dagrunid extracted from request-body entity fields. An authenticated UI/API user wit...

7.5CVSS6AI score0.00458EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.5 views

Apache Airflow vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking e.g. nested password / token / secret / apikey keys inside a JSON template structure to be bypassed when the rendered field exceeded core maxtemplatedfieldlength: Airflow stringified the structure befor...

6.5CVSS6AI score0.00335EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ have a Code Injection issue

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...

8.1CVSS6.6AI score0.00546EPSS
Exploits2References4Affected Software3
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.3 views

Apache Airflow has an Incorrect Authorization issue

Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against Dag IDs by applying Python's str.lstrip to the requested path segment when verifying the JWT's sub...

3.1CVSS6AI score0.00344EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache Airflow has a Deserialization of Untrusted Data vulnerability

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS6AI score0.0055EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Apache Airflow has an Improper Authorization issue

The structuredata endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission on those linked Dags. An authenticated UI/API user authorized for one Dag could enumerate linked Dag IDs and dependency metadata for other...

3.1CVSS6AI score0.00459EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.3 views

Apache Airflow has a Missing Authorization issue

The partitioneddagruns endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerate partition run state, schedule configuration, and asset wiring for Dags they were not authorized to...

4.3CVSS6AI score0.00352EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.10 views

Apache Airflow: Authenticated users can bypass the `is_safe_url` check

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

7.2CVSS6AI score0.00649EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.2 views

Apache Airflow has a Link Following issue

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a taskid containing .. sequences accepted by the Task SDK's KEYREGEX write-path attack, and...

6.5CVSS6AI score0.00665EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.2 views

Apache Airflow has a Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Apache Airflow's JWTRefreshMiddleware set the JWT auth cookie without the Secure flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy e.g. nginx / Envoy / a managed load balancer that terminates TLS and forwards plaintext to the API server, the default...

5.9CVSS6AI score0.00265EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.4 views

Claircore: Unauthenticated attackers can submit manifests with URIs pointing to internal services or cloud metadata endpoints

A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured opt-in, not enforced by default, an unauthenticated attacker can submit a manifest with...

5.8CVSS5.8AI score0.00292EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.5 views

Apache Airflow: Incomplete redaction allowlist exposes secrets in Connection `extra`  to read-permitted users

A bug in the GET /api/v2/connections/connectionid REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's extra JSON blob under field names not present in the redaction allowlist DEFAULTSENSITIVEFIELDS —...

6.5CVSS6AI score0.0041EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 9:31 a.m.5 views

Apache Directory LDAP API lacks server certificate verification for LDAP hostnames

It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certificate chain against a trusted authority, the absence of endpoint identification allows a valid...

8.8CVSS5.9AI score0.00182EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 6:30 a.m.4 views

hermes-agent has an Injection issue

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function sanitizeenvlines of the file hermescli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of...

6.3CVSS5.3AI score0.00266EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 6:30 a.m.5 views

GoClaw has a Command Injection issue

A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component writefile Tool. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. T...

7.5CVSS5.6AI score0.01336EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 3:30 a.m.4 views

Dolibarr ERP CRM is vulnerable to Improper Authorization through its Leave Request REST API

A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/apiholidays.class.php of the component Leave Request REST API. The manipulation leads to improper authorization. The attack may be initiat...

5.3CVSS5.4AI score0.00259EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/01 3:30 a.m.3 views

AstrBot: Manipulation of astr_main_agent's session_id parameter leads to authorization bypass

A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astrmainagent of the file astrbot/core/astrmainagent.py. Such manipulation of the argument sessionid leads to authorization bypass. It is possible to launch the attack remotely. The exploit is publicly availab...

6.5CVSS6.3AI score0.00211EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/31 12:30 p.m.9 views

Aider has an SSRF vulnerability through its AWS EC2 Metadata Endpoint

A security vulnerability has been detected in Aider-AI Aider 0.86.3.dev. This affects the function requests.get of the file apidocs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit...

6.5CVSS5.3AI score0.00209EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/31 9:31 a.m.3 views

Aider is vulnerable to Code Injection via editor_coder.run function

A security flaw has been discovered in Aider-AI Aider 0.86.3.dev. Affected by this vulnerability is the function editorcoder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has...

6.5CVSS5.6AI score0.00242EPSS
Exploits0References8Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 11:1 p.m.41 views

praisonai-platform: Any workspace member can promote themselves or others to owner via PATCH /workspaces/{id}/members/{user_id}

Summary Type: Vertical privilege escalation. The PATCH /workspaces/workspaceid/members/userid endpoint is gated by requireworkspacememberworkspaceid, which defaults to minrole="member" and is never overridden by the route. The handler then calls MemberService.updateroleworkspaceid, userid,...

5.8AI score0.00032EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:57 p.m.28 views

praisonai-platform: Missing authorization on member removal enables full workspace takeover by any user regardless of role

Summary Type: Authorization bypass enabling owner lockout. The DELETE /workspaces/workspaceid/members/userid endpoint is gated only by requireworkspacememberworkspaceid default minrole="member". Any member can remove any other member, including the workspace owner, using a single DELETE. There is...

5.8AI score0.00041EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:51 p.m.22 views

praisonai-platform: Label endpoints' unchecked label_id/issue_id enable cross-workspace label IDOR (edit, delete, link)

Summary Type: Insecure Direct Object Reference. Five label endpoints — PATCH /workspaces/workspaceid/labels/labelid, DELETE .../labels/labelid, POST .../issues/issueid/labels/labelid, DELETE .../issues/issueid/labels/labelid, GET .../issues/issueid/labels — gate access on...

5.9AI score0.00038EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:45 p.m.28 views

praisonai-platform: IDOR in dependency endpoints allows cross-workspace issue linking, reading, and deletion due to missing ownership checks

Summary Type: Insecure Direct Object Reference. The dependency endpoints POST/GET /workspaces/workspaceid/issues/issueid/dependencies and DELETE .../dependencies/depid gate access on requireworkspacememberworkspaceid only, then dispatch to DependencyService calls that take URL/body-supplied issue...

5.9AI score0.00032EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:42 p.m.28 views

praisonai-platform: JWT signing key defaults to hardcoded "dev-secret-change-me", allowing token forgery for any user when PLATFORM_ENV is unset

Summary Type: Insecure default cryptographic key. The JWT signing secret defaults to the hardcoded literal "dev-secret-change-me" when PLATFORMJWTSECRET is unset. A safety check exists but only fires when PLATFORMENV != "dev"; the default value of PLATFORMENV is "dev", so the check is silently...

6AI score0.00054EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:42 p.m.25 views

PraisonAI Platform: Missing role checks let any workspace member become owner and control workspace membership

Summary PraisonAI Platform has a broken workspace authorization check that allows any authenticated low-privilege workspace member to escalate their own role to owner. The issue is caused by privileged workspace-management routes using the shared dependency requireworkspacemember... without...

5.8AI score0.00063EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:35 p.m.27 views

PraisonAI Platform workspace-scoped routes allow cross-workspace object access by global object ID

Summary PraisonAI Platform's workspace-scoped REST routes contain a systemic object-level authorization flaw that allows an authenticated user from one workspace to access, modify, and delete objects belonging to another workspace by supplying the victim object's global UUID. The affected pattern...

5.8AI score0.00044EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:34 p.m.27 views

PraisonAI Platform has a cross-workspace IDOR + member-role privilege escalation

Summary The Platform server exposes resources under /api/v1/workspaces/workspaceid/... and protects them with a requireworkspacememberworkspaceid FastAPI dependency. The dependency only checks that the caller is a member of the workspaceid in the URL prefix. The route handlers then look up the...

5.8AI score0.00043EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:34 p.m.31 views

praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership

Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...

5.8AI score0.00032EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:32 p.m.27 views

PraisonAI has Cross-Workspace IDOR and Privilege Escalation via Platform API

Summary The PraisonAI Platform API has two authorization failures that together break workspace isolation. The service layer for issues and projects performs global primary-key lookups without checking workspace ownership, so any authenticated user can read, modify, and delete resources in any...

5.8AI score0.00044EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:31 p.m.25 views

PraisonAI has an Arbitrary File Write in Python API

Bug Report: Arbitrary File Write in Python API Summary Hidden metadata in a webpage causes PraisonAI agents to write attacker-controlled content to arbitrary paths. writefile skips path validation when workspace=None always None in production. Affected PraisonAI outputfile: /tmp/flag.txt...

6AI score0.00051EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:31 p.m.25 views

PraisonAI's unauthenticated A2A official example can reach real LLM-driven `eval()` tool execution

Summary The first-party PraisonAI A2A server example combines three behaviors into a remotely exploitable Critical chain: 1. The example exposes an A2A server without configuring authtoken. 2. The same example binds the server to 0.0.0.0. 3. The example registers a calculateexpression tool...

6.3AI score0.00084EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:30 p.m.28 views

PraisonAI vulnerable to unauthenticated arbitrary file read via MCP workflow.show, workflow.validate, deploy.validate

Summary The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in mcpserver/adapters/clitools.py: "registers four file-handling tools by default, praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and...

9.6CVSS6AI score0.00619EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:30 p.m.28 views

PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents/tools/pythontools.py v1.6.37, subprocess sandbox mode can be fully bypassed using print.self to retrieve the real Python builtins module, from which import can be extracted via vars and runtime string construction. This achieves arbitrary OS command executio...

6.3AI score0.0012EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/29 10:29 p.m.25 views

PraisonAI CLI automatically resolves @url mentions in prompt text and can read loopback URLs into model context

Summary PraisonAI's direct-prompt CLI automatically expands @url: mentions in raw prompt text before agent execution begins. If a prompt contains @url:, the CLI calls MentionsParser.process.... The @url: handler then performs a direct urllib.request.urlopen request to the attacker-controlled URL...

5.9AI score0.00014EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/29 10:29 p.m.28 views

PraisonAI `deploy --type api` emits a Flask server with authentication disabled by default

Summary CVE-2026-44338 GHSA-6rmh-7xcm-cpxj documents that PraisonAI ships a code-generator praisonai.deploy.api.generateapiservercode that emits a Flask API server with authentication disabled by default. Users who follow the documented quickstart praisonai deploy --type api get a server that: -...

7.3CVSS6.2AI score0.26799EPSS
Exploits3References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:27 p.m.26 views

PraisonAI call server exposes unauthenticated agent listing, invocation, and deletion when CALL_SERVER_TOKEN is unset

Summary PraisonAI's call server exposes a network-facing agent control API without authentication when CALLSERVERTOKEN is not configured. The affected component is the praisonai.api.agentinvoke router as mounted by praisonai.api.call. The authentication helper verifytoken fails open when...

5.8AI score0.00075EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:27 p.m.28 views

PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings

Summary PraisonAI's spidertools URL validation can be bypassed using alternate loopback host encodings. The affected component is: text praisonaiagents/tools/spidertools.py The tool contains a URL validation function intended to block local or unsafe targets before fetching attacker-controlled...

6.2AI score0.00014EPSS
Exploits0References2Affected Software2
Github Security Blog
Github Security Blog
added 2026/05/29 10:26 p.m.23 views

PraisonAI: Arbitrary code execution via unguarded `spec.loader.exec_module` in `agents_generator.py` - sibling of CVE-2026-44334

Arbitrary code execution via ungated spec.loader.execmodule in agentsgenerator.py v4.6.32 chokepoint refactor bypass Summary The v4.6.32 chokepoint refactor which patched CVE-2026-44334 / GHSA-xcmw-grxf-wjhj added the PRAISONAIALLOWLOCALTOOLS env-var gate to the tooloverride.py sinks. However, tw...

8.4CVSS6.4AI score0.00246EPSS
Exploits2References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:19 p.m.22 views

formie's unauthenticated front-end submission editing can overwrite existing submissions

Impact Unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. Patches 2.2.21, 3.1.26 Workarounds Block unauthenticated access to actions/formie/submissions/save-submission, or disable/customize front-end submissio...

8.7CVSS5.8AI score0.00311EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:18 p.m.21 views

stigmem-node's federation peer registration lacked explicit out-of-band approval

Impact Federation peer registration accepted peer key material during registration without a separate administrator approval step based on an out-of-band fingerprint check. Impacted deployments are nodes that accept federation peer registration across a network where initial registration could be...

5.8AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:17 p.m.20 views

stigmem-node's unsigned plugin override could be enabled without a second explicit acknowledgment

Impact A single configuration flag could disable plugin signature enforcement. If an operator unintentionally carried that setting into an environment where plugin paths are writable by less-trusted users, unsigned plugin code could be loaded. Patches Patched in 0.9.0a2. Disabling plugin signatur...

5.9AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:16 p.m.20 views

stigmem-node's federation insecure transport settings may allow non-loopback cleartext federation

Impact Stigmem nodes with federation enabled could be configured to run without mTLS outside loopback-only local development. In affected deployments, federation traffic may traverse the network without the intended transport protection. Impacted users are operators who enabled federation and...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:15 p.m.27 views

stigmem-node's Postgres schema identifier handling required defensive quoting

Impact Postgres backend schema identifiers were interpolated into SQL strings. In the reviewed code path the schema value is operator-controlled, but the pattern was unsafe if future call sites allowed tenant or request-controlled schema names. Impacted users are operators using the Postgres...

5.9AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:14 p.m.22 views

stigmem-node's federation peer token timestamp validation may reject valid peer tokens

Impact A mismatch in federation peer-token timestamp handling could cause valid peer tokens to be treated as expired. Impacted deployments are Stigmem nodes using federation peer authentication paths from affected versions. The primary impact is availability and reliability of authenticated...

5.8AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:13 p.m.20 views

stigmem-node: Auth-disabled deployments may grant broad anonymous access outside loopback

Impact Stigmem nodes configured with authentication disabled could grant the anonymous identity broad read/write/federation capabilities if exposed outside a loopback-only local development environment. Impacted users are operators who intentionally disabled authentication while binding the node ...

5.8AI score
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/05/29 10:10 p.m.23 views

Nezha's authenticated DDNS webhook configuration allows blind SSRF from the dashboard host

Summary An authenticated Nezha dashboard user can create or update a DDNS profile with provider webhook and configure an arbitrary webhookurl, HTTP method, request body, and headers. When DDNS is triggered for a server that uses that profile, the dashboard process sends the configured request wit...

6.4CVSS6AI score0.00182EPSS
Exploits0References3Affected Software2
Total number of security vulnerabilities33225