Weaknesses of type CWE-918
2,196 results

CVE-2025-28093 | MEDIUM | ShopXO v6.4.0 is vulnerable to Server-Side Request Forgery (SSRF) in Email Settings. | EPSS 0.3%
CVE-2026-39361 | HIGH | OpenObserve has a SSRF Protection Bypass via IPv6 Bracket Notation in validate_enrichment_url | EPSS 0.3%
CVE-2026-22597 | MEDIUM | Ghost has SSRF via External Media Inliner | EPSS 0.3%
CVE-2025-1662 | MEDIUM | URL Media Uploader <= 1.0.0 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebinding | EPSS 0.3%
CVE-2025-64178 | HIGH | Jellysweep uses uncontrolled data in image cache API endpoint | EPSS 0.3%
CVE-2026-25123 | MEDIUM | Homarr affected by Unauthenticated SSRF / Port-Scan Primitive via widget.app.ping | EPSS 0.3%
CVE-2026-44285 | HIGH | FastGPT: SSRF Protection Bypass via `externalFile` in Dataset Preview API | EPSS 0.3%
CVE-2026-45061 | HIGH | Budibase: SSRF via trivial `.tar.gz` substring bypass in Plugin URL upload (`/api/plugin`) | EPSS 0.3%
CVE-2026-47260 | HIGH | Koel Vulnerable to SSRF via Podcast Episode Enclosure URLs | EPSS 0.3%
CVE-2026-43979 | MEDIUM | Local Deep Research: HTML Injection via Unescaped User Input in PDF Export (`pdf_service.py:_markdown_to_html`) | EPSS 0.3%
CVE-2026-6111 | MEDIUM | FoundationAgents MetaGPT common.py decode_image server-side request forgery | EPSS 0.3%
CVE-2024-13697 | MEDIUM | Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.7.4 - Unauthenticated Limited Server-Side Request Forgery in nice_links | EPSS 0.3%
CVE-2024-34711 | CRITICAL | GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF) | EPSS 0.3%
CVE-2024-41737 | MEDIUM | Server-Side Request Forgery (SSRF) in SAP CRM ABAP (Insights Management) | EPSS 0.3%
CVE-2026-12798 | MEDIUM | BerriAI litellm MCP OpenAPI Spec Loader openapi_to_mcp_generator.py load_openapi_spec_async server-side request forgery | EPSS 0.3%
CVE-2024-35633 | MEDIUM | WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability | EPSS 0.3%
CVE-2026-43986 | CRITICAL | Tautulli vulnerable to unauthenticated SSRF in /image/<hash> via attacker-seeded image hash replay | EPSS 0.3%
CVE-2025-48383 | HIGH | Django-Select2 Vulnerable to Widget Instance Secret Cache Key Leaking | EPSS 0.3%
CVE-2026-56348 | MEDIUM | n8n - Credential Exfiltration via Allowed HTTP Request Domains Bypass in Dynamic Node Parameters Endpoint | EPSS 0.3%
CVE-2026-7084 | MEDIUM | HBAI-Ltd Toonflow-app getCodeByLink Endpoint getCodeByLink.ts fetch server-side request forgery | EPSS 0.3%