Fallos del tipo CWE-918

2198 resultados
CVE-2026-41688HIGHIncomplete fix for CVE-2026-33399: SSRF in WallosEPSS 0.2%CVE-2026-13540MEDIUMGitBucket RepositoryCreationService.scala Git.cloneRepository.setURI server-side request forgeryEPSS 0.2%CVE-2026-5803MEDIUMbigsk1 openai-realtime-ui API Proxy Endpoint server.js server-side request forgeryEPSS 0.2%CVE-2026-2531MEDIUMMindsDB File Upload security.py clear_filename server-side request forgeryEPSS 0.2%CVE-2025-6242HIGHVllm: server side request forgery (ssrf) in mediaconnectorEPSS 0.2%CVE-2026-11424HIGHServer-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information DisclosureEPSS 0.2%CVE-2026-42965HIGHOpenshift/router: openshift/router: cloud metadata ssrf via fqdn-typed endpointslice bypasses destination validationEPSS 0.2%CVE-2025-12073MEDIUMServer-Side Request Forgery (SSRF) in GitLabEPSS 0.2%CVE-2026-45310HIGHCodeWhale: SSRF via HTTP Redirect Bypass in fetch_url ToolEPSS 0.2%CVE-2026-11346MEDIUMServer-Side Request Forgery (SSRF) allowing Internal Network Probing in linqiEPSS 0.2%CVE-2026-53607LOW@apostrophecms/file pretty-URL Vulnerable to Unauthenticated SSRF via Host headerEPSS 0.2%CVE-2026-43929HIGHssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed InputsEPSS 0.2%CVE-2026-27945LOWZITADEL has potential SSRF via ActionsEPSS 0.2%CVE-2026-48148MEDIUMBudibase: Unvalidated VectorDB Host Parameter Enables SSRFEPSS 0.2%CVE-2026-33458MEDIUMServer-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information DisclosureEPSS 0.2%CVE-2026-34590MEDIUMPostiz: SSRF via Webhook Creation Endpoint Missing URL Safety ValidationEPSS 0.2%CVE-2024-49312MEDIUMWordPress Edwiser Bridge plugin <= 3.0.7 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-0632MEDIUMFluent Forms Pro Add On Pack <= 6.1.12 - Authenticated (Subscriber+) Server-Side Request Forgery via 'saveDataSource'EPSS 0.2%CVE-2024-38791MEDIUMWordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2026-3681MEDIUMwelovemedia FFmate webhook.go fireWebhook server-side request forgeryEPSS 0.2%