Fallos del tipo CWE-918
2184 resultadosCVE-2024-56800HIGHFirecrawl has SSRF Vulnerability via malicious scrape targetEPSS 0.3%CVE-2024-13741MEDIUMProfileGrid – User Profiles, Groups and Communities <= 5.9.4.2 - Authenticated (Subscriber+) Limited Server-Side Request ForgeryEPSS 0.3%CVE-2026-46348HIGHMastodon: SSRF Bypass via IPv6 Unspecified Address (::)EPSS 0.3%CVE-2026-34936HIGHPraisonAI: SSRF via Unvalidated api_base in passthrough() FallbackEPSS 0.3%CVE-2024-24888MEDIUMWordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.2.25 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2026-26322HIGHOpenClaw Gateway tool allowed unrestricted gatewayUrl overrideEPSS 0.3%CVE-2026-35409HIGHDirectus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File ImportEPSS 0.3%CVE-2025-59155MEDIUMhackmd-mcp server-side request forgery in HTTP transport modeEPSS 0.3%CVE-2025-32372MEDIUMServer-Side Request Forgery (SSRF) in DotNetNuke.CoreEPSS 0.3%CVE-2026-0745MEDIUMUser Language Switch <= 1.6.10 - Authenticated (Administrator+) Server-Side Request Forgery via 'info_language' ParameterEPSS 0.3%CVE-2023-39301MEDIUMQTS, QuTS hero, QuTScloudEPSS 0.3%CVE-2025-5276HIGHAll versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. EPSS 0.3%CVE-2024-1568MEDIUMSeraphinite Accelerator <= 2.20.52 - Authenticated (Subscriber+) Server-Side Request Forgery in OnAdminApi_HtmlCheckEPSS 0.3%CVE-2024-48178HIGHnewbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg parameter.EPSS 0.3%CVE-2026-33659LOWEspoCRM: SSRF via DNS Rebinding in Attachment fromImageUrl Endpoint Allows Internal Network AccessEPSS 0.3%CVE-2025-9402MEDIUMHuangDou UTCMS Config update.php server-side request forgeryEPSS 0.3%CVE-2024-52594MEDIUMServer-Side Request Forgery (SSRF) on redirects and federation in gomatrixserverlibEPSS 0.3%CVE-2026-48782MEDIUMpydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)EPSS 0.3%CVE-2026-24117MEDIUMRekor affected by Server-Side Request Forgery (SSRF) via provided public key URLEPSS 0.3%CVE-2026-5052MEDIUMVault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNSEPSS 0.3%