Fallos del tipo CWE-918
2185 resultadosCVE-2026-6625MEDIUMmoxi624 Mogu Blog v2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl server-side request forgeryEPSS 0.3%CVE-2025-52196HIGHServer-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8.1.x (8.1.1417.24) allows remote attackers to induce the server to make arEPSS 0.3%CVE-2025-68662HIGHFinalDestination hostname matching allows SSRF protection bypassEPSS 0.3%CVE-2026-41060HIGHAVideo's SSRF via same-domain hostname with alternate port bypasses isSSRFSafeURLEPSS 0.3%CVE-2025-30678MEDIUMA Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manEPSS 0.3%CVE-2025-30679MEDIUMA Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manEPSS 0.3%CVE-2025-52491MEDIUMAkamai CloudTest before 60 2025.06.09 (12989) allows SSRF.EPSS 0.3%CVE-2025-59344HIGHAliasVault Vulnerable to Server-Side Request Forgery via Favicon ExtractionEPSS 0.3%CVE-2026-4302HIGHWowOptin: Next-Gen Popup Maker <= 1.4.29 - Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST APIEPSS 0.3%CVE-2023-29260MEDIUMIBM Sterling Connect:Express for UNIX server-side request forgeryEPSS 0.3%CVE-2026-28677HIGHOpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal accessEPSS 0.3%CVE-2026-3052MEDIUMDataLinkDC dinky Flink Proxy Controller FlinkProxyController.java proxyUba server-side request forgeryEPSS 0.3%CVE-2026-25870MEDIUMDoraCMS <= 3.1 UEditor Remote Image Fetch SSRFEPSS 0.3%CVE-2025-26487HIGHServer Side Request Forgery (SSRF) in the web server of Infinera MTC-9EPSS 0.3%CVE-2026-7221MEDIUMTencentCloudBase CloudBase-MCP open-url API Endpoint interactive-server.ts openUrl server-side request forgeryEPSS 0.3%CVE-2025-10391MEDIUMCRMEB OutAccountServices.php testOutUrl server-side request forgeryEPSS 0.3%CVE-2026-2985MEDIUMTiandy Video Surveillance System 视频监控平台 CLSBODownLoad.java downloadImage server-side request forgeryEPSS 0.3%CVE-2024-31897MEDIUMIBM Cloud Pak for Business Automation server-side request forgeryEPSS 0.3%CVE-2026-29097HIGHSuiteCRM Server-Side Request Forgery and Denial of Service via RSS Feed DashletEPSS 0.3%CVE-2025-28197CRITICALCrawl4AI <=0.4.247 is vulnerable to SSRF in /crawl4ai/async_dispatcher.py.EPSS 0.3%