Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: magicmirror Clear
ID Title
CVE-2026-42281 SSRF (Server-Side Request Forgery) in magicmirror (CVE-2026-42281)
SSRF in magicmirror (CVE-2026-42281). Confidential information can be exposed externally. Exploitable via `GET /cors`. Mitigation: upgrade to `2.36.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →