Total
2434 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3961 | 1 Zyddnys | 1 Manga-image-translator | 2026-03-20 | 6.3 Medium |
| A vulnerability was determined in zyddnys manga-image-translator up to beta-0.3. The affected element is the function to_pil_image of the file manga-image-translator-main/server/request_extraction.py of the component Translate Endpoints. This manipulation causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-3966 | 1 648540858 | 1 Wvp-gb28181-pro | 2026-03-20 | 6.3 Medium |
| A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the argument MediaServer.streamIp results in server-side request forgery. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-31878 | 1 Frappe | 1 Frappe | 2026-03-20 | 5 Medium |
| Frappe is a full-stack web application framework. Prior to 14.100.1, 15.100.0, and 16.6.0, a malicious user could send a crafted request to an endpoint which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 14.100.1, 15.100.0, and 16.6.0. | ||||
| CVE-2026-31959 | 1 Anchore | 1 Quill | 2026-03-20 | 5.3 Medium |
| Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery (SSRF) vulnerability when attempting to fetch the Apple notarization submission logs. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not possible under standard network conditions due to HTTPS with proper TLS certificate validation; however, environments with TLS-intercepting proxies (common in corporate networks), compromised certificate authorities, or other trust boundary violations are at risk. When retrieving submission logs, Quill fetches a URL provided in the API response without validating that the scheme is https or that the host does not point to a local or multicast IP address. An attacker who can tamper with the response can supply an arbitrary URL, causing the Quill client to issue HTTP or HTTPS requests to attacker-controlled or internal network destinations. This could lead to exfiltration of sensitive data such as cloud provider credentials or internal service responses. Both the Quill CLI and library are affected when used to retrieve notarization submission logs. This vulnerability is fixed in 0.7.1. | ||||
| CVE-2026-21294 | 1 Adobe | 4 Adobe Commerce, Commerce, Commerce B2b and 1 more | 2026-03-20 | 5.5 Medium |
| Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate server-side requests and bypass security controls. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-21293 | 1 Adobe | 4 Adobe Commerce, Commerce, Commerce B2b and 1 more | 2026-03-20 | 5.5 Medium |
| Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in a Security feature bypass. A high-privileged attacker could exploit this vulnerability to manipulate server-side requests and access unauthorized resources. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-30953 | 2 Kovah, Linkace | 2 Linkace, Linkace | 2026-03-20 | 7.7 High |
| LinkAce is a self-hosted archive to collect website links. When a user creates a link via POST /links, the server fetches HTML metadata from the provided URL (LinkRepository::create() calls HtmlMeta::getFromUrl()). The LinkStoreRequest validation rules do not include NoPrivateIpRule, allowing server-side requests to internal network addresses, Docker service hostnames, and cloud metadata endpoints. The project already has a NoPrivateIpRule class (app/Rules/NoPrivateIpRule.php) but it is only applied in FetchController.php (line 99), not in the primary link creation path. | ||||
| CVE-2025-70042 | 2 Opensourcelabs, Oslabs-beta | 2 Thermakube, Thermakube | 2026-03-18 | 9.8 Critical |
| An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master. | ||||
| CVE-2025-9522 | 1 Tp-link | 1 Omada Controller | 2026-03-11 | 5.3 Medium |
| Blind Server-Side Request Forgery (SSRF) in Omada Controllers through webhook functionality, enabling crafted requests to internal services, which may lead to enumeration of information. | ||||
| CVE-2021-22054 | 1 Vmware | 1 Workspace One Uem Console | 2026-03-11 | 7.5 High |
| VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information. | ||||
| CVE-2025-45691 | 2 Explodinggradients, Vibrantlabsai | 2 Ragas, Ragas | 2026-03-10 | 7.5 High |
| An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs. | ||||
| CVE-2025-36243 | 1 Ibm | 1 Concert | 2026-03-10 | 5.4 Medium |
| IBM Concert 1.0.0 through 2.1.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | ||||
| CVE-2025-14516 | 1 Yalantis | 1 Ucrop | 2026-03-05 | 6.3 Medium |
| A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this issue is the function downloadFile of the file com.yalantis.ucrop.task.BitmapLoadTask.java of the component URL Handler. Performing manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-64427 | 2 Icewhaletech, Zimaspace | 2 Zimaos, Zimaos | 2026-03-05 | 7.1 High |
| ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses (e.g., 127.0.0.1, localhost, or private network ranges). This allows the attacker to interact with internal HTTP/HTTPS services that are not intended to be exposed externally or to local users. No known patch is publicly available. | ||||
| CVE-2025-34469 | 1 Cowrie | 1 Cowrie | 2026-03-05 | 7.5 High |
| Cowrie versions prior to 2.9.0 contain a server-side request forgery (SSRF) vulnerability in the emulated shell implementation of wget and curl. In the default emulated shell configuration, these command emulations perform real outbound HTTP requests to attacker-supplied destinations. Because no outbound request rate limiting was enforced, unauthenticated remote attackers could repeatedly invoke these commands to generate unbounded HTTP traffic toward arbitrary third-party targets, allowing the Cowrie honeypot to be abused as a denial-of-service amplification node and masking the attacker’s true source address behind the honeypot’s IP. | ||||
| CVE-2020-36944 | 1 Ilias | 2 Ilias, Learning Management System | 2026-03-05 | 4 Medium |
| ILIAS Learning Management System 4.3 contains a server-side request forgery vulnerability that allows attackers to read local files through portfolio PDF export functionality. Attackers can inject a script that uses XMLHttpRequest to retrieve local file contents when the portfolio is exported to PDF. | ||||
| CVE-2024-50337 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 5.3 Medium |
| Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This issue has been patched in version 1.11.28. | ||||
| CVE-2025-50199 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 9.1 Critical |
| Chamilo is a learning management system. Prior to version 1.11.30, there is a blind SSRF vulnerability in /index.php via the POST openid_url parameter. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-3572 | 1 Intumit | 1 Smartrobot | 2026-03-02 | 7.5 High |
| SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server. | ||||
| CVE-2025-8055 | 1 Opentext | 1 Xm Fax | 2026-02-27 | 5.3 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in OpenText™ XM Fax allows Server Side Request Forgery. The vulnerability could allow an attacker to perform blind SSRF to other systems accessible from the XM Fax server. This issue affects XM Fax: 24.2. | ||||