CWE-918
Server-Side Request Forgery (SSRF)
Description
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-664
CVEs mapped to this weakness (1,583)
page 63 of 80| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44583 | — | med | 0.26 | — | — | Jun 22, 2026 | ### Summary The PayPal webhook endpoint `/extensions/paypal/webhook` processes the `PAYPAL-CERT-URL` HTTP header without validation, allowing attackers to control server-side HTTP request destinations. ### Technical details: The `/extensions/paypal/webhook` endpoint processes… | |
| CVE-2026-44202 | — | med | 0.26 | — | — | Jun 22, 2026 | OpenAM (Open Identity Platform) is an open-source Identity and Access Management (IAM) platform derived from ForgeRock OpenAM, providing SSO, OAuth2, SAML, and OpenID Connect capabilities. It is widely deployed in enterprise environments as a central authentication gateway. The… | |
| CVE-2026-49138 | Med | 0.26 | 5.0 | 0.00 | Jun 1, 2026 | Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header.… | ||
| CVE-2026-46526 | Med | 0.26 | 5.0 | 0.00 | May 28, 2026 | Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validate_url to validate… | ||
| CVE-2026-43979 | Med | 0.26 | 5.0 | 0.00 | May 28, 2026 | Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService._markdown_to_html() constructs an HTML document by interpolating user-controlled values — specifically title (sourced from research.title or research.query) and… | ||
| CVE-2026-48128 | Med | 0.26 | — | 0.00 | May 27, 2026 | Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution controller without additional validation. When combined with a REST datasource… | ||
| CVE-2026-42336 | Med | 0.26 | — | 0.00 | May 26, 2026 | MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing… | ||
| CVE-2026-41195 | Med | 0.26 | 5.0 | 0.00 | May 12, 2026 | mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows… | ||
| CVE-2026-45000 | Med | 0.26 | 5.0 | 0.00 | May 11, 2026 | OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing to private-network or metadata endpoints that bypass security policies and are… | ||
| CVE-2026-42213 | Med | 0.26 | — | 0.00 | May 8, 2026 | SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, the inc "filename" directive in GPPL postprocessor files is resolved by GpplDocumentLinkHandler into a clickable link (VS Code… | ||
| CVE-2026-41413 | Med | 0.26 | 5.0 | 0.00 | May 7, 2026 | Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without… | ||
| CVE-2026-35527 | Med | 0.26 | 5.0 | 0.00 | May 5, 2026 | Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The… | ||
| CVE-2026-34244 | Med | 0.26 | 5.0 | 0.00 | Apr 15, 2026 | Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration… | ||
| CVE-2026-33440 | Med | 0.26 | 5.0 | 0.00 | Apr 15, 2026 | Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has been fixed in version 5.17. | ||
| CVE-2026-39418 | Med | 0.26 | 5.0 | 0.00 | Apr 14, 2026 | MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are… | ||
| CVE-2026-4979 | Med | 0.26 | 5.0 | 0.00 | Apr 11, 2026 | The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and including, 1.2.58. This is due to insufficient URL origin validation in the… | ||
| CVE-2026-35516 | Med | 0.26 | 5.0 | 0.00 | Apr 7, 2026 | LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by… | ||
| CVE-2026-34526 | Med | 0.26 | 5.0 | 0.00 | Apr 2, 2026 | SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against… | ||
| CVE-2026-33185 | Med | 0.26 | 5.0 | 0.00 | Mar 31, 2026 | Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings test endpoint could be used to make the server initiate outbound connections to… | ||
| CVE-2026-33537 | Med | 0.26 | 5.0 | 0.00 | Mar 26, 2026 | Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v (SSRF via `Photo::fromUrl`) contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user… |
- risk 0.26cvss —epss —
### Summary The PayPal webhook endpoint `/extensions/paypal/webhook` processes the `PAYPAL-CERT-URL` HTTP header without validation, allowing attackers to control server-side HTTP request destinations. ### Technical details: The `/extensions/paypal/webhook` endpoint processes…
- risk 0.26cvss —epss —
OpenAM (Open Identity Platform) is an open-source Identity and Access Management (IAM) platform derived from ForgeRock OpenAM, providing SSO, OAuth2, SAML, and OpenID Connect capabilities. It is widely deployed in enterprise environments as a central authentication gateway. The…
- risk 0.26cvss 5.0epss 0.00
Nanobot prior to version 0.2.1 contains a server-side request forgery vulnerability in the web_fetch tool that allows remote attackers to reach internal or private network hosts by supplying a URL that redirects to a loopback or private address via a 3xx Location header.…
- risk 0.26cvss 5.0epss 0.00
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attackers, leading to SSRF attacks. The current project uses validate_url to validate…
- risk 0.26cvss 5.0epss 0.00
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.0, PDFService._markdown_to_html() constructs an HTML document by interpolating user-controlled values — specifically title (sourced from research.title or research.query) and…
- risk 0.26cvss —epss 0.00
Budibase is an open-source low-code platform. Prior to 3.39.0, the executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution controller without additional validation. When combined with a REST datasource…
- risk 0.26cvss —epss 0.00
MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing…
- risk 0.26cvss 5.0epss 0.00
mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows…
- risk 0.26cvss 5.0epss 0.00
OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in browser CDP profile creation that skips strict-mode SSRF policy checks. Attackers can create stored profiles pointing to private-network or metadata endpoints that bypass security policies and are…
- risk 0.26cvss —epss 0.00
SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, the inc "filename" directive in GPPL postprocessor files is resolved by GpplDocumentLinkHandler into a clickable link (VS Code…
- risk 0.26cvss 5.0epss 0.00
Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created with a jwksUri pointing to an internal service, istiod makes an unauthenticated HTTP GET request to that URL without…
- risk 0.26cvss 5.0epss 0.00
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The…
- risk 0.26cvss 5.0epss 0.00
Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration" role) can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration…
- risk 0.26cvss 5.0epss 0.00
Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and didn't restrict possible redirects. This issue has been fixed in version 5.17.
- risk 0.26cvss 5.0epss 0.00
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with the MSG_FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are…
- risk 0.26cvss 5.0epss 0.00
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to blind Server-Side Request Forgery in all versions up to, and including, 1.2.58. This is due to insufficient URL origin validation in the…
- risk 0.26cvss 5.0epss 0.00
LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by…
- risk 0.26cvss 5.0epss 0.00
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to version 1.17.0, in src/endpoints/search.js, the hostname is checked against…
- risk 0.26cvss 5.0epss 0.00
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the group email settings test endpoint could be used to make the server initiate outbound connections to…
- risk 0.26cvss 5.0epss 0.00
Lychee is a free, open-source photo-management tool. The patch introduced for GHSA-cpgw-wgf3-xc6v (SSRF via `Photo::fromUrl`) contains an incomplete IP validation check that fails to block loopback addresses and link-local addresses. Prior to version 7.5.1, an authenticated user…