Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: ssrf Clear
ID Title
CVE-2026-59706 Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
CVE-2026-57573 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57573)
SSRF in ssrf (CVE-2026-57573). Confidential information can be exposed externally. Exploitable via `POST /crawl/stream`.
CVE-2025-53830 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-53830)
SSRF in ssrf (CVE-2025-53830). Successful exploitation can lead to full system takeover.
CVE-2025-53828 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-53828)
SSRF in ssrf (CVE-2025-53828). Successful exploitation can lead to full system takeover.
CVE-2026-48205 Vulnerability in apache (CVE-2026-48205)
vulnerability in apache (CVE-2026-48205). Confidential information can be exposed externally.
CVE-2026-55993 Vulnerability in apache (CVE-2026-55993)
vulnerability in apache (CVE-2026-55993). Confidential information can be exposed externally.
CVE-2026-55994 Vulnerability in apache (CVE-2026-55994)
vulnerability in apache (CVE-2026-55994). Confidential information can be exposed externally.
CVE-2026-46726 Vulnerability in apache (CVE-2026-46726)
vulnerability in apache (CVE-2026-46726). Confidential information can be exposed externally.
CVE-2026-48203 Vulnerability in apache (CVE-2026-48203)
vulnerability in apache (CVE-2026-48203). Confidential information can be exposed externally.
CVE-2026-58278 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-58278)
SSRF in ssrf (CVE-2026-58278). Risk of unauthorized operations or information disclosure.
CVE-2026-57993 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57993)
SSRF in ssrf (CVE-2026-57993). Confidential information can be exposed externally.
CVE-2026-57987 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57987)
SSRF in ssrf (CVE-2026-57987). Confidential information can be exposed externally.
CVE-2026-58418 SSRF via HTTP Redirect in Repository Migration
SSRF via HTTP Redirect in Repository Migration
CVE-2026-22874 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22874)
SSRF in ssrf (CVE-2026-22874). Confidential information can be exposed externally.
CVE-2026-11397 SSRF (Server-Side Request Forgery) in wordpress (CVE-2026-11397)
SSRF in wordpress (CVE-2026-11397). Risk of unauthorized operations or information disclosure.
CVE-2026-45499 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45499)
SSRF in ssrf (CVE-2026-45499). Successful exploitation can lead to full system takeover.
CVE-2026-57100 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57100)
SSRF in ssrf (CVE-2026-57100). Successful exploitation can lead to full system takeover.
CVE-2026-59101 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59101)
SSRF in ssrf (CVE-2026-59101). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/setup/test-downloader`.
CVE-2026-59095 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59095)
SSRF in ssrf (CVE-2026-59095). Confidential information can be exposed externally.
CVE-2026-55115 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55115)
SSRF in ssrf (CVE-2026-55115). Successful exploitation can lead to full system takeover.
CVE-2026-55113 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55113)
SSRF in ssrf (CVE-2026-55113). Risk of unauthorized operations or information disclosure.
CVE-2026-54401 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-54401)
SSRF in ssrf (CVE-2026-54401). Confidential information can be exposed externally.
CVE-2026-57681 Subscriber Server Side Request Forgery (SSRF) in GeoDirectory <= 2.8.161 versions.
Subscriber Server Side Request Forgery (SSRF) in GeoDirectory <= 2.8.161 versions.
CVE-2026-57348 Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions.
Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions.
CVE-2026-56399 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-56399)
SSRF in ssrf (CVE-2026-56399). Risk of unauthorized operations or information disclosure.
CVE-2025-36324 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-36324)
SSRF in ssrf (CVE-2025-36324). Risk of unauthorized operations or information disclosure.
CVE-2026-10564 SSRF (Server-Side Request Forgery) in c (CVE-2026-10564)
SSRF in c (CVE-2026-10564). Confidential information can be exposed externally.
CVE-2026-10546 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10546)
SSRF in ssrf (CVE-2026-10546). Confidential information can be exposed externally.
CVE-2026-13773 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13773)
SSRF in ssrf (CVE-2026-13773). Risk of unauthorized operations or information disclosure.
CVE-2026-10129 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-10129)
SSRF in ssrf (CVE-2026-10129). Confidential information can be exposed externally.
CVE-2026-48285 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48285)
SSRF in ssrf (CVE-2026-48285). Confidential information can be exposed externally.
CVE-2026-13316 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13316)
SSRF in ssrf (CVE-2026-13316). Confidential information can be exposed externally.
CVE-2026-57947 Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook...
CVE-2026-56285 Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and...
CVE-2026-56663 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-56663)
SSRF in ssrf (CVE-2026-56663). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.6.52` or later.
CVE-2026-28385 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-28385)
SSRF in ssrf (CVE-2026-28385). Risk of unauthorized operations or information disclosure.
CVE-2026-57627 Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions.
Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions.
CVE-2026-56026 Subscriber Server Side Request Forgery (SSRF) in utm.codes <= 1.9.0 versions.
Subscriber Server Side Request Forgery (SSRF) in utm.codes <= 1.9.0 versions.
CVE-2026-4339 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-4339)
SSRF in ssrf (CVE-2026-4339). Confidential information can be exposed externally.
CVE-2026-57940 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57940)
SSRF in ssrf (CVE-2026-57940). Risk of unauthorized operations or information disclosure.
CVE-2026-13318 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13318)
SSRF in ssrf (CVE-2026-13318). Risk of unauthorized operations or information disclosure.
CVE-2026-12975 XXE (XML External Entity) in ssrf (CVE-2026-12975)
vulnerability in ssrf (CVE-2026-12975). Risk of unauthorized operations or information disclosure.
CVE-2026-55412 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-55412)
SSRF in ssrf (CVE-2026-55412). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.20.178-lts` or later.
CVE-2026-54033 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-54033)
SSRF in ssrf (CVE-2026-54033). Confidential information can be exposed externally. Mitigation: upgrade to `0.8.4-rc1` or later.
CVE-2026-57535 Vulnerability in ssrf (CVE-2026-57535)
vulnerability in ssrf (CVE-2026-57535). Risk of unauthorized operations or information disclosure.
CVE-2026-57234 Vulnerability in ssrf (CVE-2026-57234)
vulnerability in ssrf (CVE-2026-57234). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.19.4` or later.
CVE-2026-55454 Vulnerability in ssrf (CVE-2026-55454)
vulnerability in ssrf (CVE-2026-55454). Successful exploitation can lead to full system takeover. Exploitable via `POST /load`. Mitigation: upgrade to `2.1` or later.
CVE-2026-12986 Cross-Site Request Forgery (CSRF) in ssrf (CVE-2026-12986)
vulnerability in ssrf (CVE-2026-12986). Risk of unauthorized operations or information disclosure.
CVE-2026-13150 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-13150)
SSRF in ssrf (CVE-2026-13150). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/reports/{id}/pdf`.
CVE-2026-50221 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-50221)
SSRF in ssrf (CVE-2026-50221). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →