VYPR

CWE-918

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

Description

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
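The weakness is a missing or incomplete check on the destination before the server connects. The CVE summaries further down show where such checks commonly fall short: loopback written as http://[::1] slipping past an IPv4-only denylist, the 0.0.0.0/8 range being forgotten, names that resolve to RFC 1918 or link-local addresses (including the cloud metadata endpoint), and redirects whose targets are never re-vetted. The block below is an added example, not code from CWE-918, VYPR or any of the projects listed on this page. It assumes the denylist in RESTRICTED_NETWORKS, a `fetch(url, addr)` transport callable that connects to the address it is given, and the invented hostnames, DNS answers and responses in the FAKE_DNS and FAKE_SERVER fixtures, which exist only so it runs offline.

```python
# Added example, not code from CWE-918, VYPR or any project listed below.
# Destination vetting for a server-side URL fetcher, covering the bypasses
# the CVE summaries on this page describe: loopback written as http://[::1],
# the 0.0.0.0/8 range, RFC 1918 / link-local targets such as the cloud
# metadata address, and redirects that are never re-checked.
import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Ranges a server-side fetcher should never be steered to (an assumption
# for this example; extend for your own network, e.g. NAT64 prefixes).
RESTRICTED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]

Resolver = Callable[[str], Iterable[str]]

def is_restricted_ip(ip_text: str) -> bool:
    """True if the address (or the IPv4 an IPv6 form carries) is restricted."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:10.0.0.5 really reaches 10.0.0.5
    return any(ip in net for net in RESTRICTED_NETWORKS)

def system_resolver(host: str) -> list[str]:
    """Every address the fetcher could connect to for host. getaddrinfo also
    normalises shorthand literals ("127.1", "0x7f000001") that a string-based
    denylist would miss."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def check_destination(url: str, resolve: Resolver = system_resolver) -> list[str]:
    """Return the vetted addresses for url, or raise ValueError."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname  # lower-cased; brackets stripped from [::1]
    if not host:
        raise ValueError("missing host")
    if parts.username or parts.password:
        raise ValueError("credentials in URL not allowed")
    addrs = list(resolve(host))
    if not addrs:
        raise ValueError(f"{host} does not resolve")
    for addr in addrs:  # every answer must pass, not just the first
        if is_restricted_ip(addr):
            raise ValueError(f"{host} resolves to restricted {addr}")
    return addrs

def is_safe_url(url: str, resolve: Resolver = system_resolver) -> bool:
    try:
        check_destination(url, resolve)
        return True
    except ValueError:
        return False

def fetch_checked(url, fetch, resolve: Resolver = system_resolver, max_hops=3):
    """Follow redirects by hand so every hop is vetted, and pass the vetted
    address to the transport so it connects to exactly that IP instead of
    resolving again (closes the DNS-rebinding window)."""
    for _ in range(max_hops + 1):
        addrs = check_destination(url, resolve)
        status, payload = fetch(url, addrs[0])  # payload: body or Location
        if status in (301, 302, 303, 307, 308):
            url = payload
            continue
        return status, payload
    raise ValueError("too many redirects")

# Constructed fixtures so the example runs offline: invented hostnames,
# DNS answers and responses; no real lookups or requests are made.
FAKE_DNS = {
    "api.example.com": ["93.184.216.34"],
    "rebind.example.com": ["93.184.216.34", "10.0.0.5"],  # split answer
    "meta.example.com": ["169.254.169.254"],
}
FAKE_SERVER = {
    "https://api.example.com/v1": (200, "ok"),
    "https://api.example.com/go": (302, "http://169.254.169.254/latest/meta-data/"),
}

def fixture_resolver(host: str) -> list[str]:
    try:
        return [str(ipaddress.ip_address(host))]  # IP literal, no lookup
    except ValueError:
        return FAKE_DNS.get(host, [])

def fixture_fetch(url: str, addr: str) -> tuple[int, str]:
    return FAKE_SERVER.get(url, (404, ""))
```

Two design points matter more than the exact denylist. First, the check runs on the resolved addresses, never on the URL string, so encodings of the same target (bracketed IPv6, IPv4-mapped IPv6, decimal or hex shorthand) all collapse to one answer, and every record behind a name has to pass. Second, the vetted address is handed to the transport and redirects are followed manually, so there is no second resolution or unchecked hop between the check and the connection; a client that re-resolves on its own, or follows Location headers internally, reopens exactly the gap several of the listed CVEs describe. Prefer an allowlist of expected hosts over this denylist wherever the feature permits it.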

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-664

CVEs mapped to this weakness (1,583)

  • CVE-2010-1637 · Medium · Jun 22, 2010
    risk 0.42 · CVSS 6.5 · EPSS 0.03

    The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

  • CVE-2026-12210 · Medium · Jun 15, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was detected in universal-tool-calling-protocol python-utcp 1.1.0. This affects an unknown function of the component utcp-gql/utcp-websocket. Performing a manipulation results in server-side request forgery. The attack can be initiated remotely. The exploit is…

  • CVE-2026-53782 · High · Jun 11, 2026
    risk 0.41 · CVSS 7.4 · EPSS 0.00

    Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows attackers who control a podcast RSS feed to direct the host to fetch transcript content from loopback addresses, link-local addresses, RFC 1918 private ranges, or other reserved destinations…

  • CVE-2026-10581 · Medium · Jun 2, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file /plus/download.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has…

  • CVE-2026-10276 · Medium · Jun 1, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects the function jobPath of the file src/index.ts of the component get_build_status/get_build_log/trigger_build. Such manipulation leads to server-side request forgery. The attack may be…

  • CVE-2026-10274 · Medium · Jun 1, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the component Axios Request Flow. Executing a manipulation of the argument assetPath can…

  • CVE-2026-10240 · Medium · Jun 1, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was identified in JeecgBoot up to 3.9.2. The impacted element is an unknown function of the file /airag/airagModel/test. The manipulation of the argument baseUrl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit…

  • CVE-2026-10239 · Medium · Jun 1, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was determined in JeecgBoot up to 3.9.2. The affected element is the function WordUtil.addImage of the file /airag/word/edit. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. The exploit has been publicly…

  • CVE-2026-48555 · High · May 29, 2026
    risk 0.41 · CVSS 7.4 · EPSS 0.00

    Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by passing user-controlled URLs to the addMediaFromUrl() method in…

  • CVE-2026-45373 · High · May 28, 2026
    risk 0.41 · CVSS 7.4 · EPSS 0.00

    CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in URL as http://[::1], the SSRF defenses do not work. This vulnerability is fixed in…

  • CVE-2026-45310 · High · May 28, 2026
    risk 0.41 · CVSS 7.4 · EPSS 0.00

    CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetch_url tool validates the initial URL's resolved IP address against a restricted-IP blocklist (is_restricted_ip()) to prevent SSRF attacks against internal services (cloud metadata endpoints,…

  • CVE-2026-45245 · High · May 18, 2026
    risk 0.41 · CVSS 7.4 · EPSS 0.00

    Summarize prior to 0.15.1 contains a vulnerability in the hover summary feature that allows malicious pages to dispatch synthetic mouseover events over attacker-controlled links, causing the extension to make authenticated daemon requests using stored tokens without verifying…

  • CVE-2026-8193 · Medium · May 9, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit…

  • CVE-2026-8081 · Medium · May 7, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the component API Interface. The manipulation of the argument url leads to server-side request…

  • CVE-2026-7729 · Medium · May 4, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be…

  • CVE-2026-7291 · Medium · Apr 28, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A weakness has been identified in o2oa up to 10.0. This affects the function FileAction of the file FileAction.java of the component URL Fetching. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. It is possible to launch the attack…

  • CVE-2026-24231 · Medium · Apr 28, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI…

  • CVE-2026-7150 · Medium · Apr 27, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generate_favicon_from_url of the file src/auto_favicon/server.py of the component MCP Tool. The manipulation of the argument image_url results in…

  • CVE-2026-6981 · Medium · Apr 25, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a manipulation results in server-side request…

  • CVE-2026-6979 · Medium · Apr 25, 2026
    risk 0.41 · CVSS 6.3 · EPSS 0.00

    A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has…