Falhas do tipo CWE-918
2.203 resultadosCVE-2025-43747MEDIUMA server-side request forgery (SSRF) vulnerability exists in the Liferay DXP 2025.Q2.0 through 2025.Q2.3 due to insecure domain validation oEPSS 0.2%CVE-2025-48294MEDIUMWordPress FG Drupal to WordPress plugin <= 3.90.0 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-45609HIGHmcp-security: Unvalidated URL Fetching (SSRF)EPSS 0.2%CVE-2026-1343HIGHSecurity Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify AccessEPSS 0.2%CVE-2026-44971HIGHGuardDog: Blind GitHub URL rewrite in remote project scanning causes SSRF and `GH_TOKEN` exfiltrationEPSS 0.2%CVE-2026-24767MEDIUMNocoDB has Blind SSRF via Unvalidated HEAD Request in uploadViaURL FunctionalityEPSS 0.2%CVE-2026-48998MEDIUMguzzlehttp/psr7 has Host Confusion via Authority ReinterpretationEPSS 0.2%CVE-2026-39418MEDIUMMaxKB: SSRF via sandbox network hook bypassEPSS 0.2%CVE-2025-14438MEDIUMXagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request ForgeryEPSS 0.2%CVE-2025-59809MEDIUMA server-side request forgery (ssrf) vulnerability [CWE-918] vulnerability in Fortinet FortiSOAR PaaS 7.6.4, FortiSOAR PaaS 7.6.0 through 7.EPSS 0.2%CVE-2026-41195MEDIUMmosparo: Rule package source URL stored SSRF enables internal HTTP probingEPSS 0.2%CVE-2026-45012HIGHApostrophe has authenticated SSRF in rich-text widget import via @apostrophecms/area/validate-widgetEPSS 0.2%CVE-2026-53944MEDIUMGhost: Private IP filtering bypass to make server-side requests to internal servicesEPSS 0.2%CVE-2025-60161MEDIUMWordPress ZoloBlocks Plugin <= 2.3.11 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-54299HIGHAstro: Host-header full-read SSRF in core prerendered error-page fetch (prerenderedErrorPageFetch default + unvalidated createRequestFromNodeRequest URL)EPSS 0.2%CVE-2026-0932MEDIUMBlind server-side request forgery (SSRF) vulnerability in legacy connection methods of document co-authoring features in M-Files Server befoEPSS 0.2%CVE-2026-47157MEDIUMaiograpi: Unsafe signup challenge path handlingEPSS 0.2%CVE-2026-6215MEDIUMDbGate REST/GraphQL openApiDriver.ts apiServerUrl1 server-side request forgeryEPSS 0.2%CVE-2026-12992HIGHApicurio/apicurio-registry: apicurio-registry: ssrf via wsdl4j import dereference in wsdl full validationEPSS 0.2%CVE-2025-12560MEDIUMBlog2Social: Social Media Auto Post & Scheduler <= 8.6.0 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via post_urlEPSS 0.2%