Search Results (2850 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-34515 2 Aio-libs, Aiohttp 2 Aiohttp, Aiohttp 2026-04-15 7.5 High
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4.
CVE-2026-2286 1 Crewai 1 Crewai 2026-04-15 9.8 Critical
CrewAI contains a server-side request forgery vulnerability that enables content acquisition from internal and cloud services, facilitated by the RAG search tools not properly validating URLs provided at runtime.
CVE-2025-53018 1 Lycheeorg 1 Lychee 2026-04-15 3 Low
Lychee is a free, open-source photo-management tool. Prior to version 6.6.13, a critical Server-Side Request Forgery (SSRF) vulnerability exists in the `/api/v2/Photo::fromUrl` endpoint. This flaw lets an attacker instruct the application’s backend to make HTTP requests to any URL they choose. Consequently, internal network resources—such as localhost services or cloud-provider metadata endpoints—become reachable. The endpoint takes a URL from the user and calls it server-side via fopen() without any safeguards. There is no IP address validation, nor are there any allow-list, timeout, or size restrictions. Because of this, attackers can point the application at internal targets. Using this flaw, an attacker can perform internal port scans or retrieve sensitive cloud metadata. Version 6.6.13 contains a patch for the issue.
CVE-2024-4789 2 Stylemixthemes, Wordpress 2 Cost Calculator Builder Pro, Wordpress 2026-04-15 6.4 Medium
Cost Calculator Builder Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to 3.1.72, via the send_demo_webhook() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
CVE-2020-36884 1 Brightsign 1 Digital Signage Diagnostic Web Server 2026-04-15 N/A
BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forcing the application to make arbitrary HTTP requests to internal network hosts.
CVE-2025-54122 2026-04-15 10 Critical
Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an unauthenticated attacker to bypass network isolation and access restrictions, potentially enabling access to internal services, cloud metadata endpoints, and exfiltration of sensitive data from isolated network segments. This vulnerability is fixed in version 25.7.21.2525.
CVE-2024-40441 1 Doccano 2 Auto Labeling Pipeline, Doccano 2026-04-15 6.6 Medium
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the model_attribs parameter.
CVE-2025-52362 1 Phproxy 1 Phproxy 2026-04-15 9.1 Critical
Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of PHProxy version 1.1.1 and prior. The input validation for the _proxurl parameter can be bypassed, allowing a remote, unauthenticated attacker to submit a specially crafted URL
CVE-2024-6922 1 Automationanywhere 1 Automation 360 2026-04-15 N/A
Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from the server.
CVE-2025-23172 1 Versa 1 Director 2026-04-15 7.2 High
The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send crafted HTTP requests to localhost. This can be leveraged to execute commands on behalf of the versa user, who has sudo privileges, potentially leading to privilege escalation or remote code execution. Exploitation Status: Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers. Workarounds or Mitigation: There are no workarounds to disable the GUI option. Versa recommends that Director be upgraded to one of the remediated software versions.
CVE-2025-23221 1 Dahlia 1 Fedify 2026-04-15 5.4 Medium
Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. This vulnerability allows a user to maneuver the Webfinger mechanism to perform a GET request to any internal resource on any Host, Port, URL combination regardless of present security mechanisms, and forcing the victim’s server into an infinite loop causing Denial of Service. Moreover, this issue can also be maneuvered into performing a Blind SSRF attack. This vulnerability is fixed in 1.0.14, 1.1.11, 1.2.11, and 1.3.4.
CVE-2024-37208 1 Wordpress 1 Wordpress 2026-04-15 4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7.
CVE-2024-36458 1 Broadcom 1 Symantec Privileged Access Management 2026-04-15 N/A
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.
CVE-2024-36427 1 Targit 1 Decision Suite 2026-04-15 8.1 High
The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
CVE-2024-13957 1 Abb 3 Aspect Enterprise, Matrix Series, Nexus Series 2026-04-15 7.6 High
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
CVE-2025-60540 1 Karakeep 1 Karakeep 2026-04-15 6.5 Medium
karakeep v0.26.0 to v0.7.0 was discovered to contain a Server-Side Request Forgery (SSRF).
CVE-2024-41664 1 Thinkst 1 Canarytokens 2026-04-15 5.4 Medium
Canarytokens help track activity and actions on a network. Prior to `sha-8ea5315`, Canarytokens.org was vulnerable to a blind SSRF in the Webhook alert feature. When a Canarytoken is created, users choose to receive alerts either via email or via a webhook. If a webhook is supplied when a Canarytoken is first created, the site will make a test request to the supplied URL to ensure it accepts alert notification HTTP requests. No safety checks were performed on the URL, leading to a Server-Side Request Forgery vulnerability. The SSRF is Blind because the content of the response is not displayed to the creating user; they are simply told whether an error occurred in making the test request. Using the Blind SSRF, it was possible to map out open ports for IPs inside the Canarytokens.org infrastructure. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after `sha-097d91a`.
CVE-2024-41668 2026-04-15 8.3 High
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery (SSRF) attack. Logged in users could do the same on private instances. A fix has been released in version 6.0.12. As a workaround, one might be able to disable `/proxy` endpoint entirely via, for example, nginx.
CVE-2025-48739 1 Strangebee 1 Thehive 2026-04-15 N/A
A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows remote authenticated attackers with admin permissions (allowing them to access specific API endpoints) to manipulate URLs to direct requests to unexpected hosts or ports. This allows the attacker to use a TheHive server as a proxy to reach internal or otherwise restricted resources. This could be exploited to access other servers on the internal network.
CVE-2024-2796 1 Akana 1 Akana Api Platform 2026-04-15 9.3 Critical
A server-side request forgery (SSRF) was discovered in the Akana API Platform in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.