ReportizFlow
Filtered by vendor
Subscriptions
Total
2485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42038 | 1 Axios | 1 Axios | 2026-04-28 | 6.8 Medium |
| Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, he fix for no_proxy hostname normalization bypass is incomplete. When no_proxy=localhost is set, requests to 127.0.0.1 and [::1] still route through the proxy instead of bypassing it. The shouldBypassProxy() function does pure string matching — it does not resolve IP aliases or loopback equivalents. This vulnerability is fixed in 1.15.1 and 0.31.1. | ||||
| CVE-2026-7146 | 1 Alejandroarciniegas | 1 Mcp-data-vis | 2026-04-28 | 7.3 High |
| A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-35548 | 1 Guardsix | 1 Odbc Enrichment Plugins | 2026-04-27 | 8.5 High |
| An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1 (5.2.1 is used in guardsix 7.9.0.0). A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source, previously stored credentials were retained even if the connection endpoint was changed. An authenticated Operator user could redirect the database connection to unintended internal systems, resulting in SSRF and potential misuse of valid stored credentials. | ||||
| CVE-2026-41170 | 1 Squidex.io | 1 Squidex | 2026-04-27 | N/A |
| Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the `RestoreController.PostRestoreJob` endpoint allows an administrator to supply an arbitrary URL for downloading backup archives. This URL is fetched using the "Backup" `HttpClient` without any SSRF protection. A malicious or compromised admin can use this endpoint to probe internal network services, access cloud metadata endpoints, or perform internal reconnaissance. The vulnerability is authenticated (Admin-only) but highly impactful, allowing potential access to sensitive internal resources. Version 7.23.0 contains a fix. | ||||
| CVE-2026-41171 | 1 Squidex.io | 1 Squidex | 2026-04-27 | N/A |
| Squidex is an open source headless content management system and content management hub. Versions prior to 7.23.0 have a Server-Side Request Forgery (SSRF) vulnerability due to missing SSRF protection on the `Jint` HTTP client used by scripting engine functions (`getJSON`, `request`, etc.). An authenticated user with low privileges (e.g., schema editing permissions) can force the server to make arbitrary outbound HTTP requests to attacker-controlled or internal endpoints. This allows access to internal services and cloud metadata endpoints (e.g., IMDS), potentially leading to credential exposure and lateral movement. Version 7.23.0 contains a fix. | ||||
| CVE-2026-41172 | 1 Squidex.io | 1 Squidex | 2026-04-27 | N/A |
| Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, an SSRF vulnerability allows a user with asset upload permission to force the server to fetch arbitrary URLs, including localhost/private network targets, and persist the response as an asset. Version 7.23.0 contains a fix. | ||||
| CVE-2026-41177 | 1 Squidex.io | 1 Squidex | 2026-04-27 | 5.5 Medium |
| Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the Squidex Restore API is vulnerable to Blind Server-Side Request Forgery (SSRF). The application fails to validate the URI scheme of the user-supplied `Url` parameter, allowing the use of the `file://` protocol. This allows an authenticated administrator to force the backend server to interact with the local filesystem, which can lead to Local File Interaction (LFI) and potential disclosure of sensitive system information through side-channel analysis of internal logs. Version 7.23.0 contains a fix. | ||||
| CVE-2026-41270 | 1 Flowiseai | 2 Flowise, Flowise-components | 2026-04-27 | 7.1 High |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTP_DENY_LIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandbox without equivalent protection. This allows authenticated users to bypass SSRF controls and access internal network resources (e.g., cloud provider metadata services) This vulnerability is fixed in 3.1.0. | ||||
| CVE-2026-41272 | 1 Flowiseai | 2 Flowise, Flowise-components | 2026-04-27 | 7.1 High |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers (secureAxiosRequest and secureFetch) intended to prevent Server-Side Request Forgery (SSRF) contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding (Time-of-Check Time-of-Use) or by exploiting the default configuration which fails to enforce any deny list. This vulnerability is fixed in 3.1.0. | ||||
| CVE-2026-41271 | 1 Flowiseai | 2 Flowise, Flowise-components | 2026-04-27 | 8.3 High |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery (SSRF) vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests to internal and external systems. By injecting malicious prompt templates, attackers can bypass the intended API documentation constraints and redirect requests to sensitive internal services, potentially leading to internal network reconnaissance and data exfiltration. This vulnerability is fixed in 3.1.0. | ||||
| CVE-2026-6979 | 1 Devlikeapro | 1 Waha | 2026-04-27 | 6.3 Medium |
| A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-6981 | 1 Ihatecreatingusernames2 | 1 Airahub2 | 2026-04-27 | 6.3 Medium |
| A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-7065 | 1 Bidingcc | 1 Buildingai | 2026-04-27 | 7.3 High |
| A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-7084 | 1 Hbai-ltd | 1 Toonflow-app | 2026-04-27 | 6.3 Medium |
| A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. The manipulation of the argument Link results in server-side request forgery. The attack may be performed from remote. The exploit has been made public and could be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor explains in a reply to the issue report, that "[t]he /getCodeByLink interface is used to obtain TS code and run it locally. It is inherently a high-risk interface, and users must clearly understand the risks before requesting to use it." | ||||
| CVE-2026-7094 | 1 Shadowclonelabs | 1 Glutamatemcpservers | 2026-04-27 | 7.3 High |
| A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/index.ts of the component puppeteer_navigate. Executing a manipulation of the argument url can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-49374 | 1 Wordpress | 1 Wordpress | 2026-04-27 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in captcha.eu Captcha.eu captcha-eu allows Server Side Request Forgery.This issue affects Captcha.eu: from n/a through <= 1.0.61. | ||||
| CVE-2026-41455 | 1 Wekan | 1 Wekan | 2026-04-27 | 8.5 High |
| WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema field accepts any string without protocol restriction or destination validation. Attackers who can create or modify integrations can set webhook URLs to internal network addresses, causing the server to issue HTTP POST requests to attacker-controlled internal targets with full board event payloads, and can additionally exploit response handling to overwrite arbitrary comment text without authorization checks. | ||||
| CVE-2025-68600 | 2 Wordpress, Ylefebvre | 2 Wordpress, Link Library | 2026-04-27 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Yannick Lefebvre Link Library link-library allows Server Side Request Forgery.This issue affects Link Library: from n/a through <= 7.8.7. | ||||
| CVE-2025-68500 | 2 Bdthemes, Wordpress | 2 Prime Slider, Wordpress | 2026-04-27 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in bdthemes Prime Slider – Addons For Elementor bdthemes-prime-slider-lite allows Server Side Request Forgery.This issue affects Prime Slider – Addons For Elementor: from n/a through <= 4.0.10. | ||||
| CVE-2025-22726 | 1 Wordpress | 1 Wordpress | 2026-04-27 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows Server Side Request Forgery.This issue affects nK Themes Helper: from n/a through <= 1.7.9. | ||||