CWE-918 flaws

2,182 results
CVE-2021-38132 | MEDIUM | Possible External service interaction Vulnerability | EPSS 0.4%
CVE-2026-35587 | HIGH | Glances IP Plugin has SSRF via public_api that leads to credential leakage | EPSS 0.4%
CVE-2026-23845 | MEDIUM | Mailpit Vulnerable to Server-Side Request Forgery (SSRF) via HTML Check API | EPSS 0.4%
CVE-2024-33857 | CRITICAL | An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-lev | EPSS 0.4%
CVE-2025-10329 | MEDIUM | cdevroe unmark Marks.php server-side request forgery | EPSS 0.4%
CVE-2025-4967 | CRITICAL | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS | EPSS 0.4%
CVE-2026-33679 | MEDIUM | Vikunja has SSRF via OpenID Connect Avatar Download that Bypasses Webhook SSRF Protections | EPSS 0.4%
CVE-2022-1751 | HIGH | Skitter Slideshow <= 2.5.2 - Unauthenticated Server-Side Request Forgery | EPSS 0.4%
CVE-2025-27777 | HIGH | Applio allows SSRF and file write in model_download.py | EPSS 0.4%
CVE-2025-60279 | CRITICAL | A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary r | EPSS 0.4%
CVE-2025-46341 | HIGH | Privilege escalation via SSRF when using HTTP auth | EPSS 0.4%
CVE-2026-26324 | HIGH | OpenClaw has a SSRF guard bypass via full-form IPv4-mapped IPv6 (loopback / metadata reachable) | EPSS 0.4%
CVE-2024-13450 | LOW | Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery | EPSS 0.4%
CVE-2025-25194 | MEDIUM | Server-Side Request Forgery (SSRF) in activitypub_federation | EPSS 0.4%
CVE-2026-30247 | MEDIUM | WeKnora: SSRF via Redirection | EPSS 0.4%
CVE-2025-14516 | MEDIUM | Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery | EPSS 0.4%
CVE-2024-46947 | MEDIUM | Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. | EPSS 0.4%
CVE-2025-5186 | MEDIUM | thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery | EPSS 0.4%
CVE-2024-13904 | MEDIUM | Platform.ly for WooCommerce <= 1.1.6 - Unauthenticated Blind Server-Side Request Forgery | EPSS 0.4%
CVE-2026-42353 | HIGH | Path traversal / SSRF in i18next-http-middleware via user-controlled language and namespace parameters | EPSS 0.4%