Lucene search
K
GithubRecent

33225 matches found

Github Security Blog
Github Security Blog
added 2026/04/17 9:48 p.m.8 views

OpenClaw: Heartbeat owner downgrade missed local async exec completion events

Summary Heartbeat owner downgrade missed local async exec completion events. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.3.31 = 2026.4.10 Impact Local background exec completion text could be missed by heartbeat owner-downgrade detection, leaving ...

5.7AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:48 p.m.8 views

OpenClaw: Voice-call realtime WebSocket accepted oversized frames

Summary Voice-call realtime WebSocket accepted oversized frames. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 = 2026.4.10 Impact The voice-call realtime WebSocket path could accept oversized frames, creating a remote availability risk for...

8.2CVSS5.4AI score0.00417EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:48 p.m.9 views

OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events

Summary Heartbeat owner downgrade missed untrusted webhook wake events. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.7 = 2026.4.14 Impact Heartbeat owner downgrade logic could skip webhook wake events carrying untrusted content, preserving...

9.8CVSS5.9AI score0.00423EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:47 p.m.10 views

OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation

Summary Browser snapshot and screenshot routes could expose internal page content after navigation. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.14 Impact Authenticated browser tool callers could use snapshot, screenshot, or tab routes that did n...

7.7CVSS5.7AI score0.00266EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:47 p.m.11 views

OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases

Summary config.get redaction bypass through sourceConfig and runtimeConfig aliases. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.14 Impact An authenticated gateway client with config read access could receive unredacted secrets through alias fiel...

7.1CVSS5.7AI score0.00333EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:35 p.m.11 views

OpenClaw: Collect-mode queue batches could reuse the last sender authorization context

Summary Collect-mode queue batches could reuse the last sender authorization context. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.14 Impact Collect-mode queued messages from different senders could be drained as one batch using the final sender'...

8.1CVSS5.7AI score0.0022EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:35 p.m.16 views

Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse via stored credentials

Summary The text-to-speech generation endpoint POST /api/v1/text-to-speech/generate is whitelisted no auth and accepts a credentialId directly in the request body. When called without a chatflowId, the endpoint uses the provided credentialId to decrypt the stored credential e.g., OpenAI or...

8.2CVSS5.9AI score0.00261EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:34 p.m.6 views

Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwords, and credential IDs

Summary The GET /api/v1/public-chatflows/:id endpoint returns the full chatflow object without sanitization for public chatflows. Docker validation revealed this is worse than initially assessed: the sanitizeFlowDataForPublicEndpoint function does NOT exist in the released v3.0.13 Docker image...

8.7CVSS5.8AI score0.00421EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:34 p.m.6 views

Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR)

Summary A Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key id and internal state fields of DocumentStore entities. Because the service uses repository.save with a client-supplied primary key, the POST create endpoint behave...

8.8CVSS5.8AI score0.00333EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:32 p.m.11 views

Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing

Executive Summary This report documents a critical security research finding in the compressing npm package specifically tested on the latest v2.1.0. The core vulnerability is a Partial Fix Bypass of CVE-2026-24884. The current patch relies on a purely logical string validation within the...

8.4CVSS6AI score0.00334EPSS
Exploits2References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:31 p.m.10 views

OpenViking: Unauthenticated remote bot control via OpenAPI HTTP routes

OpenViking prior to commit c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when the apikey configuration value is unset or empty. Remote attackers with network access to the exposed service can invoke...

9.1CVSS5.4AI score0.00571EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:30 p.m.9 views

Neo4j Labs MCP Servers: SSRF and Data Modification via read_only Mode Bypass Through CALL Procedures

Summary The readonly mode in mcp-neo4j-cypher versions prior to 0.6.0 can be bypassed using CALL procedures. Details Impact The enforcing of readonly mode in vulnerable versions could be bypassed by certain APOC procedures. Patches v0.6.0 release hardened the checks around the mode. The only way ...

2.3CVSS5.8AI score0.00264EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:25 p.m.5 views

Sentry: Improper authentication on SAML SSO process allows user identity linking

Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same...

9.1CVSS5.8AI score0.00435EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 9:24 p.m.7 views

Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration

Summary An authenticated administrator can execute arbitrary operating system commands by injecting a malicious payload into the MAINODTASPDF configuration constant. This vulnerability exists because the application fails to properly validate or escape the command path before passing it to the ex...

9.4CVSS6.1AI score0.00922EPSS
Exploits3References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 8:8 p.m.9 views

OpenClaw: Sandbox noVNC helper route exposed interactive browser session credentials

Summary Sandbox noVNC helper route exposed interactive browser session credentials. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.2.21 = 2026.4.10 Impact The sandbox noVNC helper route could be reached without the intended bridge authentication,...

5.7AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 p.m.28 views

Bouncy Castle Has Covert Timing Channel Vulnerability

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue only affects users of the FrodoKEM algorithm involved in the decryption of encapsulations. This issue affects...

9.9CVSS7.1AI score0.00691EPSS
Exploits0References6Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 p.m.11 views

Bouncy Castle has an LDAP injection

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.84...

6.9CVSS5.8AI score0.00527EPSS
Exploits0References4Affected Software3
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 p.m.9 views

Bouncy Castle for Java GOST 28147 CTR mode reuses keystream after 255 blocks

The GOST 28147-2015 CTR mode implementation G3413CTRBlockCipher in the Legion of the Bouncy Castle BC-JAVA bcprov core module only increments the final byte of the counter, so the counter wraps after 255 blocks and the keystream is reused. Reusing CTR keystream allows an attacker who can observe...

9.3CVSS7.3AI score0.00313EPSS
Exploits0References19Affected Software12
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 p.m.14 views

Bouncy Castle Uncontrolled Resource Consumption vulnerability

Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This issue affects BC-JAVA before 1.84. Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion...

8.7CVSS5.7AI score0.00758EPSS
Exploits0References4Affected Software7
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.6 views

PAC4J has a Cross-Site Request Forgery (CSRF) Vulnerability

PAC4J is vulnerable to Cross-Site Request Forgery CSRF. A malicious attacker can craft a specially designed website which, when visited by a user, will automatically submit a forged cross-site request with a token whose hash collides with the victim's legitimate CSRF token. Importantly, the...

7CVSS5.6AI score0.00165EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.7 views

Craftql vulnerable to Server-Side Request Forgery

Craftql v1.3.7 and before is vulnerable to Server-Side Request Forgery SSRF which allows an attacker to execute arbitrary code via the vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php file...

7.5CVSS6.1AI score0.00463EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.42 views

Mattermost doesn't validate whether users were correctly owned by the correct Connected Workspace

Mattermost versions 10.11.x = 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connected using the Conntexted Workspaces feature to change the displayed status of local users via the Connected Workspaces API...

2.7CVSS5.3AI score0.00167EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.8 views

Mattermost doesn't validate CSRF tokens on an authentication endpoint

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to validate CSRF tokens on an authentication endpoint which allows an attacker to update a user's authentication method via a CSRF attack by tricking a user into visiting a malicious page. Mattermost...

8.1CVSS5.2AI score0.00129EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.8 views

goldmark vulnerable to Cross-site Scripting (XSS)

Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting XSS due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check IsDangerousURL before resolving HTML entities...

6.1CVSS6AI score0.00287EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 3:31 p.m.5 views

Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to enforce atomic single-use consumption of guest magic link tokens, which allows an attacker with access to a valid magic link to establish multiple independent authenticated sessions via concurrent...

6.5CVSS5.2AI score0.00145EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 a.m.22 views

HashiCorp Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

7.5CVSS5.7AI score0.00718EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 a.m.7 views

HashiCorp Vault May Expose Tokens to Auth Plugins Due to Incorrect Header Sanitization

If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin backend. Fixed in 2.0.0, 1.21.5, 1.20.10, and 1.19.16...

8.8CVSS5.7AI score0.00406EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 a.m.10 views

HashiCorp Vault has Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS

Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0,...

8.6CVSS5.7AI score0.00332EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/17 6:31 a.m.9 views

HashiCorp Vault has a KVv2 Metadata and Secret Deletion Policy Bypass that leads to Denial-of-Service

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret...

8.1CVSS5.7AI score0.00376EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 11:0 p.m.7 views

Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass)

Summary Saltcorn validates the post-login dest parameter with a string check that only blocks :/ and //. Because all WHATWG-compliant browsers normalise backslashes \ to forward slashes / for special schemes, a payload such as /\evil.com/path slips through isrelativeurl, is emitted unchanged in t...

5.1CVSS5.6AI score0.00339EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 11:0 p.m.6 views

langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding

Summary langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS resolution. This left a TOCTOU / DNS rebinding window: an attacker-controlled hostnam...

3.1CVSS5.8AI score0.00158EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:53 p.m.9 views

LangChain Text Splitters: HTMLHeaderTextSplitter.split_text_from_url SSRF Redirect Bypass

Summary HTMLHeaderTextSplitter.splittextfromurl validated the initial URL using validatesafeurl but then performed the fetch with requests.get with redirects enabled the default. Because redirect targets were not revalidated, a URL pointing to an attacker-controlled server could redirect to...

6.5CVSS5.7AI score0.0026EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:52 p.m.16 views

Plonky3: The sponge construction used to get a hash function from a cryptographic permutation is not collision resistant for inputs of different lengths

Vulnerability Currently, when hashing, if the number of elements to hash is not a multiple of the rate, hashiter pads by elements of the current state. This means that it is possible to create iterators of different lengths which lead to an identical hashed state. Given a simple example using a...

5.8AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:51 p.m.7 views

Saltcorn: SQL Injection via Unparameterized Sync Endpoints (maxLoadedId)

Summary A critical SQL injection vulnerability in Saltcorn’s mobile-sync routes allows any authenticated low-privilege user with read access to at least one table to inject arbitrary SQL through sync parameters. This can lead to full database exfiltration, including admin password hashes and...

9.9CVSS6.3AI score0.00264EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:50 p.m.9 views

Meridian: Multiple defense-in-depth gaps (collection/depth caps, telemetry, retry, fan-out)

Summary Meridian v2.1.0 Meridian.Mapping and Meridian.Mediator shipped with nine defense-in-depth gaps reachable through its public APIs. Two are HIGH severity — the advertised DefaultMaxCollectionItems and DefaultMaxDepth safety caps are silently bypassed on the IMapper.Mapsource, destination...

7.5CVSS5.9AI score0.00542EPSS
Exploits1References4Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/16 10:49 p.m.22 views

Paperclip: Cross-tenant agent API key IDOR in `/agents/:id/keys` routes allows full victim-company compromise

Summary The GET, POST, and DELETE handlers under /agents/:id/keys in the Paperclip control-plane API only call assertBoardreq, which verifies that the caller has a board-type session but does not verify that the caller has access to the company owning the target agent. A board user whose membersh...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:49 p.m.12 views

Paperclip: Stored XSS via javascript: URLs in MarkdownBody — urlTransform override disables react-markdown sanitization

Summary MarkdownBody, the shared component used to render every Markdown surface in the Paperclip UI issue documents, issue comments, chat threads, approvals, agent details, export previews, etc., passes urlTransform=url = url to react-markdown. That override replaces react-markdown's built-in...

5.8AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:48 p.m.6 views

Paperclip: Approval decision attribution spoofing via client-controlled `decidedByUserId` in paperclip server

Summary The approval-resolution endpoints POST /approvals/:id/approve, /reject, /request-revision accept a client-supplied decidedByUserId field in the request body and write it verbatim into the authoritative approvals.decidedByUserId column — without cross-checking it against the authenticated...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:48 p.m.18 views

Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys

Isolated paperclip instance running in authenticated mode default config on a clean Docker image matching commit b649bd4 2026.411.0-canary.8, post the 2026.410.0 patch. This advisory was verified on an unmodified build. Summary POST /api/agents/:id/keys, GET /api/agents/:id/keys, and DELETE...

6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:48 p.m.15 views

Paperclip: OS Command Injection via Execution Workspace cleanupCommand

| Field | Value | |-------|-------| | Affected Software | Paperclip AI v2026.403.0 | | Affected Component | Execution Workspace lifecycle workspace-runtime.ts | | Affected Endpoint | PATCH /api/execution-workspaces/:id | | Deployment Modes | All — localtrusted zero auth, authenticated any company...

6.3AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:47 p.m.9 views

Paperclip: codex_local inherited ChatGPT/OpenAI-connected Gmail and was able to send real email

Summary A Paperclip-managed codexlocal runtime was able to access and use a Gmail connector that I had connected in the ChatGPT/OpenAI apps UI, even though I had not explicitly connected Gmail inside Paperclip or separately inside Codex. In my environment this enabled mailbox access and a real...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:47 p.m.5 views

Paperclip: Unauthenticated Access to Multiple API Endpoints in Authenticated Mode

Summary Several API endpoints in authenticated mode have no authentication at all. They respond to completely unauthenticated requests with sensitive data or allow state-changing operations. No account, no session, no API key needed. Verified against the latest version. Discord: sagi03581 Steps t...

5.9AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:46 p.m.9 views

Paperclip: Malicious skills able to exfiltrate and destroy all user data

Summary An arbitrary code execution vulnerability in the workspace runtime service allows any agent to execute shell commands on the server, exposing all environment variables including API keys, JWT secrets, and database credentials. Details A malicious skill can instruct the agent to exploit th...

6.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:45 p.m.12 views

Paperclip: Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand Leading to OS Command Execution

Summary Paperclip contains a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip server host. An attacker with an agent credential can escalate privileges from the agent runtime to the Paperclip server host. The...

8.8CVSS6.7AI score0.00591EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:45 p.m.22 views

Paperclip: Arbitrary File Read via Agent-Controlled adapterConfig.instructionsFilePath

Summary Paperclip contains an arbitrary file read vulnerability that allows an attacker with an Agent API key to read files from the Paperclip server host filesystem. The vulnerability occurs because agents are allowed to modify their own adapterConfig through the /agents/:id API endpoint. The...

6.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:44 p.m.10 views

OAuth 2.1 Provider: Unprivileged users can register OAuth clients

Am I affected? You're affected if all of the following are true: - Using @better-auth/oauth-provider at version specified below - You configured clientPrivileges in the plugin options expecting it to gate who can create OAuth clients - The /oauth2/create-client or /admin/oauth2/create-client...

7.1CVSS5.4AI score0.00212EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:40 p.m.9 views

Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints

Summary The authenticated middleware uses unanchored regular expressions to match public no-auth endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint by appending a public endpoint path as a query paramete...

9.1CVSS5.9AI score0.00445EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:38 p.m.9 views

Unsafe object property setter in mathjs

Impact This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. Patches The issue was introduced in mathjs v13.1.1, an...

8.8CVSS5.9AI score0.00551EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:38 p.m.12 views

Authlib: Cross-site request forging when using cache

Summary There is no CSRF protection on the cache feature on most integrations clients. Details In authlib.integrations.starletteclient.OAuth, no CSRF protection is set up when using the cache parameter. When not using the cache parameter, the use of SessionMiddleware ties the client to the auth...

5.4CVSS5.8AI score0.00106EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/16 10:36 p.m.9 views

Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server

Impact A Server-Side Request Forgery SSRF vulnerability exists in @angular/platform-server due to improper handling of URLs during Server-Side Rendering SSR. When an attacker sends a request such as GET /\evil.com/ HTTP/1.1 the server engine Express, etc. passes the URL string to Angular’s...

8.7CVSS5.8AI score0.00304EPSS
Exploits0References5Affected Software1
Total number of security vulnerabilities33225