Weaknesses of type CWE-918
2,174 resultsCVE-2026-27696HIGHchangedetection.io Vulnerable to Server-Side Request Forgery (SSRF) via Watch URLsEPSS 0.4%CVE-2024-1063MEDIUMAppwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CEPSS 0.4%CVE-2024-40632LOWLinkerd potential access to the shutdown endpointEPSS 0.4%CVE-2025-13814MEDIUMmoxi159753 Mogu Blog v2 uploadPicsByUrl LocalFileServiceImpl.uploadPictureByUrl server-side request forgeryEPSS 0.4%CVE-2021-38135HIGHPossible External service interaction Vulnerability in OpenText iManagerEPSS 0.4%CVE-2025-65512HIGHA Server-Side Request Forgery (SSRF) vulnerability was discovered in the webpage-to-markdown conversion feature of markdownify-mcp v0.0.2 anEPSS 0.4%CVE-2026-33502CRITICALAVideo has Unauthenticated SSRF via plugin/Live/test.phpEPSS 0.4%CVE-2024-3448MEDIUMImproper Access Control Leads to Server-Side Request Forgery in MauticEPSS 0.4%CVE-2024-2796CRITICALSSRF in Akana API PlatformEPSS 0.4%CVE-2026-33024CRITICALAVideo-Encoder has Unauthenticated Blind Server-Side Request Forgery via Public Thumbnail GeneratorEPSS 0.4%CVE-2018-17450MEDIUMAn issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is SEPSS 0.4%CVE-2026-25960HIGHSSRF Protection Bypass in vLLMEPSS 0.4%CVE-2025-20371HIGHUnauthenticated Blind Server Side Request Forgery (SSRF) in Splunk EnterpriseEPSS 0.4%CVE-2024-1855MEDIUMWPCafe <= 2.2.23 - Unauthenticated Blind Server-Side Request ForgeryEPSS 0.4%CVE-2025-11046MEDIUMTencent WeKnora test testEmbeddingModel server-side request forgeryEPSS 0.4%CVE-2024-2663HIGHZD YouTube FLV Player <= 1.2.6 - Server-Side Request ForgeryEPSS 0.4%CVE-2024-39699MEDIUMDirectus has a Blind SSRF On File ImportEPSS 0.4%CVE-2025-5005MEDIUMShanghai Lingdang Information Technology Lingdang CRM index_event.php server-side request forgeryEPSS 0.4%CVE-2026-34515MEDIUMAIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on WindowsEPSS 0.4%CVE-2024-13907MEDIUMTotal Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.8 - Authenticated (Administrator+) Server-Side Request ForgeryEPSS 0.4%