Fallos del tipo CWE-918

2184 resultados
CVE-2026-48782MEDIUMpydantic-ai: SSRF blocklist bypass via IPv4-compatible, SIIT/IVI, and local NAT64 IPv6 addresses (incomplete fix of CVE-2026-46678)EPSS 0.3%CVE-2023-36679HIGHWordPress Spectra plugin <= 2.6.6 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2026-41644HIGHmonetr is vulnerable to server-side request forgery in Lunch Flow link creation and refreshEPSS 0.3%CVE-2025-55151HIGHStirling-PDF SSRF vulnerability on /api/v1/convert/file/pdfEPSS 0.3%CVE-2026-30839MEDIUMWallos: SSRF via webhook test endpointEPSS 0.3%CVE-2025-61488HIGHAn issue in Senayan Library Management System (SLiMS) 9 Bulian v.9.6.1 allows a remote attacker to execute arbitrary code via the scrap_imagEPSS 0.3%CVE-2026-45245MEDIUMSummarize < 0.15.1 Unauthorized Daemon Request via Untrusted EventsEPSS 0.3%CVE-2024-31229MEDIUMWordPress Really Simple SSL plugin <= 7.2.3 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2024-10207MEDIUMServer-Side Request Forgery (authenticated) in APROL Web PortalEPSS 0.3%CVE-2024-8099HIGHServer-Side Request Forgery (SSRF) in vanna-ai/vannaEPSS 0.3%CVE-2024-10705MEDIUMMultiple Page Generator Plugin – MPG <= 4.0.5 - Authenticated (Editor+) Server-Side Request Forgery via fileUrlEPSS 0.3%CVE-2026-48128MEDIUMBudibase: SSRF via User-Controlled queryId in Automation Execute Query StepEPSS 0.3%CVE-2017-20106MEDIUMLithium Forum Compose Message server-side request forgeryEPSS 0.3%CVE-2025-24695MEDIUMWordPress Extensions For CF7 Plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2026-41177MEDIUMSquidex has Blind SSRF via file:// Protocol in Restore API leading to Local File InteractionEPSS 0.3%CVE-2026-41413MEDIUMIstio Vulnerable to SSRF via RequestAuthentication jwksUriEPSS 0.3%CVE-2026-5921HIGHServer-Side Request Forgery in GitHub Enterprise Server allowed extraction of sensitive environment variables via timing side-channel attackEPSS 0.3%CVE-2026-32828MEDIUMKargo: SSRF in Promotion http/http-download Steps Enables Internal Network Access and Data ExfiltrationEPSS 0.3%CVE-2025-23082HIGHVeeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unaEPSS 0.3%CVE-2026-30832CRITICALSoft Serve: SSRF via unvalidated LFS endpoint in repo importEPSS 0.3%