Fallos del tipo CWE-918
2189 resultadosCVE-2023-48786MEDIUMA server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an aEPSS 0.3%CVE-2026-33401HIGHWallos: Incomplete fix for CVE-2026-30840 - SSRF in AI and notification endpoints bypass ssrf_helper.phpEPSS 0.3%CVE-2026-25991HIGHTandoor Recipes affected by Blind SSRF with Internal Network Access via Recipe ImportEPSS 0.3%CVE-2024-57252MEDIUMOtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can Read system files arbitrarily.EPSS 0.3%CVE-2026-34163HIGHServer-Side Request Forgery via MCP Tools Endpoint in FastGPTEPSS 0.3%CVE-2026-1857MEDIUMGutenberg Blocks with AI by Kadence WP <= 3.6.1 - Authenticated (Contributor+) Server-Side Request Forgery via 'endpoint' ParameterEPSS 0.3%CVE-2025-9821LOWSSRF via webhook functionEPSS 0.3%CVE-2026-33682MEDIUMStreamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)EPSS 0.3%CVE-2025-10471MEDIUMZKEACMS MediaController.cs Proxy server-side request forgeryEPSS 0.3%CVE-2026-26286HIGHSillyTavern has Server-Side Request Forgery (SSRF) via Asset Download Endpoint that Allows Reading Internal ServicesEPSS 0.3%CVE-2026-25528MEDIUMLangSmith Client SDK Affected by Server-Side Request Forgery via Tracing Header InjectionEPSS 0.3%CVE-2026-53927MEDIUMNocoDB: Server-Side Request Forgery via Spreadsheet Fetch URLEPSS 0.3%CVE-2026-33399HIGHWallos: SSRF Bypass - Incomplete Fix for CVE-2026-30839/30840EPSS 0.3%CVE-2026-31955MEDIUMXibo CMS has Authenticated Server-Side Request Forgery (SSRF) in Remote DataSet FunctionalityEPSS 0.3%CVE-2026-12100HIGHURL Preview <= 1.0 - Unauthenticated Server-Side Request Forgery via 'url' ParameterEPSS 0.3%CVE-2026-49129MEDIUMMusic Player Daemon < 0.24.11 SSRF via CurlInputPluginEPSS 0.3%CVE-2026-27829MEDIUMAstro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSizeEPSS 0.3%CVE-2026-40160HIGHPraisonAIAgents has SSRF via unvalidated URL in `web_crawl` httpx fallbackEPSS 0.3%CVE-2024-13856MEDIUMMake Builder <= 1.1.10 - Authenticated (Subscriber+) Server-Side Request Forgery via make_builder_ajax_subscribe FunctionEPSS 0.3%CVE-2025-10695MEDIUMOpenSupports 4.11.0 — SSRF via test imap and smtp endpointsEPSS 0.3%