Weaknesses of type CWE-918

2,203 results
CVE-2026-44520MEDIUMDocling-Graph: SSRF via Missing Internal IP Validation in URLInputHandlerEPSS 0.2%CVE-2026-5936HIGHServer-Side Request Forgery (SSRF) via URL Parameter in Foxit PDF Services APIEPSS 0.2%CVE-2025-69299HIGHWordPress Oxygen theme <= 6.0.8 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2024-7073MEDIUMUnauthenticated Server-Side Request Forgery (SSRF) in Multiple WSO2 Products via SOAP Admin ServicesEPSS 0.2%CVE-2025-49917MEDIUMWordPress Icegram Express Pro plugin <= 5.9.5 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-54300MEDIUM@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN configEPSS 0.2%CVE-2026-27600MEDIUMHomeBox affected by Blind SSRFEPSS 0.2%CVE-2026-42336MEDIUMMaxKB: SSRF Bypass via DNS Rebinding in MaxKB OSS URL FetchEPSS 0.2%CVE-2026-10052MEDIUMQuay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpointsEPSS 0.2%CVE-2026-45347MEDIUMOpen WebUI: Blind server side request forgery (SSRF) via the PDF generate functionEPSS 0.2%CVE-2025-49418HIGHWordPress Allmart plugin <= 1.0.0 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2020-36944MEDIUMILIAS Learning Management System 4.3 - SSRFEPSS 0.2%CVE-2026-28295MEDIUMGvfs: gvfs ftp backend: information disclosure via untrusted pasv responsesEPSS 0.2%CVE-2025-13999HIGHHTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request ForgeryEPSS 0.2%CVE-2026-39464MEDIUMWordPress Coming Soon Page, Under Construction & Maintenance Mode by SeedProd plugin <= 6.19.8 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-42592MEDIUMGotenberg: DNS rebinding bypasses SSRF validation on Chromium URL conversion routesEPSS 0.2%CVE-2026-10129HIGHSSRF via HTTP Redirect Following in Langflow API Request ComponentEPSS 0.2%CVE-2026-44515LOWNextcloud News: Authenticated blind SSRF via feed URLEPSS 0.2%CVE-2026-31989MEDIUMOpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation RedirectEPSS 0.2%CVE-2026-25310MEDIUMWordPress Extend Link plugin <= 2.0.0 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%