Falhas do tipo CWE-918
2.203 resultadosCVE-2025-47483MEDIUMWordPress Easy Replace Image plugin <= 3.5.0 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-31878MEDIUMFrappe: Possible SSRF by any authenticated userEPSS 0.2%CVE-2026-42180MEDIUMLemmy: SSRF in /api/v3/post via Webmention dispatchEPSS 0.2%CVE-2026-31989MEDIUMOpenClaw < 2026.3.1 - Server-Side Request Forgery via web_search Citation RedirectEPSS 0.2%CVE-2025-46443MEDIUMWordPress Animate plugin <= 0.5 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2025-43763MEDIUMA server-side request forgery (SSRF) vulnerability exist in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2EPSS 0.2%CVE-2025-26990MEDIUMWordPress Royal Elementor Addons plugin <= 1.7.1006 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.2%CVE-2025-64511HIGHMaxKB has SSRF in sandboxEPSS 0.2%CVE-2026-1249MEDIUMMP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar 5.3 - 5.10 - Authenticated (Author+) Server-Side Request ForgeryEPSS 0.2%CVE-2026-56275MEDIUMFlowise - Server-Side Request Forgery via Execute Flow Base URLEPSS 0.2%CVE-2025-47664MEDIUMWordPress WP Pipes <= 1.4.2 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.2%CVE-2026-47268MEDIUMNezha Monitoring: Authenticated DDNS webhook configuration allows blind SSRF from the dashboard hostEPSS 0.2%CVE-2025-14290MEDIUMIBM webMethods Integration Sever is vulnerable to server-side request forgeryEPSS 0.2%CVE-2026-48522MEDIUMPyJWKClient: missing scheme allowlist enables SSRF + token forgery via file://, ftp://, data: schemesEPSS 0.2%CVE-2026-12986HIGHA critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows thEPSS 0.2%CVE-2026-27170HIGHOpenSift: SSRF risk in URL ingestion endpointEPSS 0.2%CVE-2026-0746MEDIUMAI Engine <= 3.3.2 - Authenticated (Subscriber+) Server-Side Request ForgeryEPSS 0.2%CVE-2025-52567LOWGLPI has overly permissive URL verificationEPSS 0.2%CVE-2026-40516HIGHOpenHarness SSRF via web_fetch and web_searchEPSS 0.2%CVE-2026-33185MEDIUMDiscourse: Group SMTP test endpoint susceptible to SSRFEPSS 0.2%