Total
2111 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9522 | 1 Tp-link | 1 Omada Controller | 2026-03-11 | N/A | 5.3 MEDIUM |
| Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information. | |||||
| CVE-2026-30832 | 1 Charm | 1 Soft Serve | 2026-03-11 | N/A | 9.1 CRITICAL |
| Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a fake LFS server can chain this into full read access to internal services by returning download URLs that point at internal targets. This issue has been patched in version 0.11.4. | |||||
| CVE-2026-30834 | 1 Pinchtab | 1 Pinchtab | 2026-03-11 | N/A | 7.5 HIGH |
| PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery (SSRF) vulnerability in the /download endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs, including internal network services and local system files, and exfiltrate the full response content. This issue has been patched in version 0.7.7. | |||||
| CVE-2026-30247 | 1 Tencent | 1 Weknora | 2026-03-11 | N/A | 5.9 MEDIUM |
| WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, the application's "Import document via URL" feature is vulnerable to Server-Side Request Forgery (SSRF) through HTTP redirects. While the backend implements comprehensive URL validation (blocking private IPs, loopback addresses, reserved hostnames, and cloud metadata endpoints), it fails to validate redirect targets. An attacker can bypass all protections by using a redirect chain, forcing the server to access internal services. Additionally, Docker-specific internal addresses like host.docker.internal are not blocked. This issue has been patched in version 0.2.12. | |||||
| CVE-2026-30828 | 1 Wallosapp | 1 Wallos | 2026-03-11 | N/A | 7.5 HIGH |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2. | |||||
| CVE-2026-30839 | 1 Wallosapp | 1 Wallos | 2026-03-11 | N/A | 4.3 MEDIUM |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, testwebhooknotifications.php does not validate the target URL against private/reserved IP ranges, enabling full-read SSRF. The server response is returned to the caller. This issue has been patched in version 4.6.2. | |||||
| CVE-2026-30840 | 1 Wallosapp | 1 Wallos | 2026-03-11 | N/A | 8.8 HIGH |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2. | |||||
| CVE-2026-21294 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-03-11 | N/A | 5.5 MEDIUM |
| Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate server-side requests and bypass security controls. Exploitation of this issue does not require user interaction. | |||||
| CVE-2026-21293 | 1 Adobe | 3 Commerce, Commerce B2b, Magento | 2026-03-11 | N/A | 5.5 MEDIUM |
| Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate server-side requests and access unauthorized resources. Exploitation of this issue does not require user interaction. | |||||
| CVE-2025-32355 | 2026-03-11 | N/A | 7.3 HIGH | ||
| Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource. | |||||
| CVE-2026-28451 | 1 Openclaw | 1 Openclaw | 2026-03-11 | N/A | 8.3 HIGH |
| OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls through direct manipulation or prompt injection to trigger requests to internal services and re-upload responses as Feishu media. | |||||
| CVE-2026-30844 | 1 Wekan Project | 1 Wekan | 2026-03-11 | N/A | 8.1 HIGH |
| Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 are vulnerable to Server-Side Request Forgery (SSRF) via attachment URL loading. During board import in Wekan, attachment URLs from user-supplied JSON data are fetched directly by the server without any URL validation or filtering, affecting both the Wekan and Trello import flows. The parseActivities() and parseActions() methods extract user-controlled attachment URLs, which are then passed directly to Attachments.load() for download with no sanitization. This Server-Side Request Forgery (SSRF) vulnerability allows any authenticated user to make the server issue arbitrary HTTP requests, potentially accessing internal network services such as cloud instance metadata endpoints (exposing IAM credentials), internal databases, and admin panels that are otherwise unreachable from outside the network. This issue has been fixed in version 8.34. | |||||
| CVE-2026-31829 | 1 Flowiseai | 1 Flowise | 2026-03-11 | N/A | 7.1 HIGH |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.0.13, Flowise exposes an HTTP Node in AgentFlow and Chatflow that performs server-side HTTP requests using user-controlled URLs. By default, there are no restrictions on target hosts, including private/internal IP ranges (RFC 1918), localhost, or cloud metadata endpoints. This enables Server-Side Request Forgery (SSRF), allowing any user interacting with a publicly exposed chatflow to force the Flowise server to make requests to internal network resources that are inaccessible from the public internet. This vulnerability is fixed in 3.0.13. | |||||
| CVE-2026-3588 | 2026-03-11 | N/A | 7.5 HIGH | ||
| A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request. | |||||
| CVE-2026-24316 | 2026-03-11 | N/A | 6.4 MEDIUM | ||
| SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF). Successful exploitation could lead to interaction with potentially sensitive internal endpoints, resulting in a low impact on data confidentiality and integrity. There is no impact on availability of the application. | |||||
| CVE-2026-27826 | 2026-03-11 | N/A | 8.2 HIGH | ||
| MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make outbound HTTP requests to an arbitrary attacker-controlled URL by supplying two custom HTTP headers without an `Authorization` header. No authentication is required. The vulnerability exists in the HTTP middleware and dependency injection layer — not in any MCP tool handler - making it invisible to tool-level code analysis. In cloud deployments, this could enable theft of IAM role credentials via the instance metadata endpoint (`169[.]254[.]169[.]254`). In any HTTP deployment it enables internal network reconnaissance and injection of attacker-controlled content into LLM tool results. Version 0.17.0 fixes the issue. | |||||
| CVE-2026-28680 | 1 Ghostfol | 1 Ghostfolio | 2026-03-10 | N/A | 9.3 CRITICAL |
| Ghostfolio is an open source wealth management software. Prior to version 2.245.0, an attacker can exploit the manual asset import feature to perform a full-read SSRF, allowing them to exfiltrate sensitive cloud metadata (IMDS) or probe internal network services. This issue has been patched in version 2.245.0. | |||||
| CVE-2026-29049 | 1 Chainguard | 1 Melange | 2026-03-10 | N/A | 4.3 MEDIUM |
| melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout (pkg/renovate/cache/cache.go). An attacker-controlled URI in a melange config can cause unbounded disk writes, exhausting disk on the build runne. There is no known patch publicly available. | |||||
| CVE-2026-3750 | 1 Continew | 1 Continew Admin | 2026-03-10 | 5.8 MEDIUM | 4.7 MEDIUM |
| A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-3788 | 1 Bytedesk | 1 Bytedesk | 2026-03-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A security vulnerability has been detected in Bytedesk up to 1.3.9. This impacts the function getModels of the file source-code/src/main/java/com/bytedesk/ai/springai/providers/openrouter/SpringAIOpenrouterRestService.java of the component SpringAIOpenrouterRestController. Such manipulation of the argument apiUrl leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.4.5.4 will fix this issue. The name of the patch is 975e39e4dd527596987559f56c5f9f973f64eff7. It is recommended to upgrade the affected component. | |||||