Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-24806

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-07 Feb, 2024 | 21:44
Updated At-17 Jun, 2025 | 14:17
Rejected At-
Credits

Improper Domain Lookup that potentially leads to SSRF attacks in libuv

libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:07 Feb, 2024 | 21:44
Updated At:17 Jun, 2025 | 14:17
Rejected At:
▼CVE Numbering Authority (CNA)
Improper Domain Lookup that potentially leads to SSRF attacks in libuv

libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected Products
Vendor
libuv
Product
libuv
Versions
Affected
  • >= 1.45.0, < 1.48.0
Problem Types
TypeCWE IDDescription
CWECWE-918CWE-918: Server-Side Request Forgery (SSRF)
Type: CWE
CWE ID: CWE-918
Description: CWE-918: Server-Side Request Forgery (SSRF)
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
x_refsource_CONFIRM
https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629
x_refsource_MISC
https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70
x_refsource_MISC
https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488
x_refsource_MISC
https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2024/02/08/2
N/A
http://www.openwall.com/lists/oss-security/2024/02/11/1
N/A
https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html
N/A
http://www.openwall.com/lists/oss-security/2024/03/11/1
N/A
https://security.netapp.com/advisory/ntap-20240605-0008/
N/A
https://gitlab.kitware.com/cmake/cmake/-/issues/26112
N/A
Hyperlink: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629
Resource:
x_refsource_MISC
Hyperlink: https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70
Resource:
x_refsource_MISC
Hyperlink: https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488
Resource:
x_refsource_MISC
Hyperlink: https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39
Resource:
x_refsource_MISC
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/08/2
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/11/1
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/11/1
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20240605-0008/
Resource: N/A
Hyperlink: https://gitlab.kitware.com/cmake/cmake/-/issues/26112
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
x_refsource_CONFIRM
x_transferred
https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629
x_refsource_MISC
x_transferred
https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70
x_refsource_MISC
x_transferred
https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488
x_refsource_MISC
x_transferred
https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39
x_refsource_MISC
x_transferred
http://www.openwall.com/lists/oss-security/2024/02/08/2
x_transferred
http://www.openwall.com/lists/oss-security/2024/02/11/1
x_transferred
https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html
x_transferred
http://www.openwall.com/lists/oss-security/2024/03/11/1
x_transferred
https://security.netapp.com/advisory/ntap-20240605-0008/
x_transferred
https://gitlab.kitware.com/cmake/cmake/-/issues/26112
x_transferred
Hyperlink: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/08/2
Resource:
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/11/1
Resource:
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html
Resource:
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/11/1
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20240605-0008/
Resource:
x_transferred
Hyperlink: https://gitlab.kitware.com/cmake/cmake/-/issues/26112
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:07 Feb, 2024 | 22:15
Updated At:10 Jun, 2024 | 17:16

libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulnerability arises due to how the `hostname_ascii` variable (with a length of 256 bytes) is handled in `uv_getaddrinfo` and subsequently in `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets truncated without a terminating null byte. As a result attackers may be able to access internal APIs or for websites (similar to MySpace) that allows users to have `username.example.com` pages. Internal services that crawl or cache these user pages can be exposed to SSRF attacks if a malicious user chooses a long vulnerable username. This issue has been addressed in release version 1.48.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches

libuv
libuv
>>libuv>>Versions from 1.24.0(inclusive) to 1.48.0(exclusive)
cpe:2.3:a:libuv:libuv:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-918Primarysecurity-advisories@github.com
CWE ID: CWE-918
Type: Primary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2024/02/08/2security-advisories@github.com
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/02/11/1security-advisories@github.com
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/03/11/1security-advisories@github.com
N/A
https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629security-advisories@github.com
Patch
https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70security-advisories@github.com
Patch
https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488security-advisories@github.com
Patch
https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39security-advisories@github.com
Patch
https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6security-advisories@github.com
Exploit
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/03/msg00005.htmlsecurity-advisories@github.com
N/A
https://security.netapp.com/advisory/ntap-20240605-0008/security-advisories@github.com
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/08/2
Source: security-advisories@github.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2024/02/11/1
Source: security-advisories@github.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/11/1
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/libuv/libuv/commit/c858a147643de38a09dd4164758ae5b685f2b488
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
Source: security-advisories@github.com
Resource:
Exploit
Vendor Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/03/msg00005.html
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20240605-0008/
Source: security-advisories@github.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

71Records found

CVE-2026-2531
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 13.33%
||
7 Day CHG~0.00%
Published-16 Feb, 2026 | 02:32
Updated-23 Feb, 2026 | 10:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MindsDB File Upload security.py clear_filename server-side request forgery

A security vulnerability has been detected in MindsDB up to 25.14.1. This vulnerability affects the function clear_filename of the file mindsdb/utilities/security.py of the component File Upload. Such manipulation leads to server-side request forgery. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. The name of the patch is 74d6f0fd4b630218519a700fbee1c05c7fd4b1ed. It is best practice to apply a patch to resolve this issue.

Action-Not Available
Vendor-mindsdbn/a
Product-mindsdbMindsDB
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-27488
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.33% / 24.87%
||
7 Day CHG~0.00%
Published-21 Feb, 2026 | 09:49
Updated-24 Feb, 2026 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenClaw hardened cron webhook delivery against SSRF

OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19.

Action-Not Available
Vendor-OpenClaw
Product-openclawopenclaw
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-1233
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-0.78% / 51.75%
||
7 Day CHG~0.00%
Published-09 Apr, 2024 | 07:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Eap: wildfly-elytron has a ssrf security issue

A flaw was found in` JwtValidator.resolvePublicKey` in JBoss EAP, where the validator checks jku and sends a HTTP request. During this process, no whitelisting or other filtering behavior is performed on the destination URL address, which may result in a server-side request forgery (SSRF) vulnerability.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat JBoss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-16016
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.29% / 20.78%
||
7 Day CHG~0.00%
Published-17 Jul, 2026 | 13:30
Updated-17 Jul, 2026 | 16:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
poco-ai poco-claw task.py run_task server-side request forgery

A vulnerability was identified in poco-ai poco-claw up to 0.5.4. This issue affects the function run_task of the file executor/app/api/v1/task.py. The manipulation of the argument callback_url leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The reported GitHub issue was closed automatically due to inactivity.

Action-Not Available
Vendor-poco-ai
Product-poco-claw
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-16084
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.40% / 32.42%
||
7 Day CHG~0.00%
Published-18 Jul, 2026 | 09:00
Updated-18 Jul, 2026 | 09:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sipeed PicoClaw web.go web_fetch server-side request forgery

A weakness has been identified in Sipeed PicoClaw up to 0.2.9. This impacts the function web_fetch of the file pkg/tools/integration/web.go. This manipulation causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. Patch name: c15aac21fe05ee103a470e1104bc891754e83392. To fix this issue, it is recommended to deploy a patch.

Action-Not Available
Vendor-Sipeed
Product-PicoClaw
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-15330
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.35% / 27.47%
||
7 Day CHG~0.00%
Published-10 Jul, 2026 | 04:00
Updated-10 Jul, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery

A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function _build_image_content/_download_to_data_url of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is recommended to address this issue. This patch is called e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. Upgrading the affected component is advised.

Action-Not Available
Vendor-zhayujie
Product-CowAgent
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-0510
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.88% / 55.09%
||
7 Day CHG~0.00%
Published-13 Jan, 2024 | 22:00
Updated-04 Nov, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery

A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function http_post of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250652.

Action-Not Available
Vendor-haokekejiHaoKeKeJi
Product-yiqiniuYiQiNiu
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-0946
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.62% / 45.76%
||
7 Day CHG~0.00%
Published-26 Jan, 2024 | 21:00
Updated-03 Jun, 2025 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
60IndexPage Parameter index.php server-side request forgery

A vulnerability classified as critical was found in 60IndexPage up to 1.8.5. This vulnerability affects unknown code of the file /apply/index.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252190 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-60indexpage_projectn/a
Product-60indexpage60IndexPage
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-11437
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.41% / 33.12%
||
7 Day CHG~0.00%
Published-06 Jun, 2026 | 16:30
Updated-08 Jun, 2026 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
perfree go-fastdfs-web Installation Endpoint checkServer server-side request forgery

A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-perfree
Product-go-fastdfs-web
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-10771
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.29% / 21.35%
||
7 Day CHG~0.00%
Published-03 Jun, 2026 | 21:30
Updated-04 Jun, 2026 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
crmeb crmeb_java base64 Qrcode Endpoint RestTemplateUtil.java RestTemplate.getForEntity server-side request forgery

A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/RestTemplateUtil.java of the component base64 Qrcode Endpoint. The manipulation of the argument url results in server-side request forgery. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-crmeb
Product-crmeb_java
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-10287
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.29% / 21.35%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 19:45
Updated-02 Jun, 2026 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester SEO Meta Tag Extractor index.php get_headers server-side request forgery

A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function get_headers of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Action-Not Available
Vendor-SourceCodester
Product-SEO Meta Tag Extractor
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-0932
Matching Score-4
Assigner-M-Files Corporation
ShareView Details
Matching Score-4
Assigner-M-Files Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 9.34%
||
7 Day CHG~0.00%
Published-01 Apr, 2026 | 10:03
Updated-02 Apr, 2026 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Blind server-side request forgery (SSRF) vulnerability in legacy connection methods of document co-authoring features in M-Files Server before 26.3 allow an unauthenticated attacker to cause the server to send HTTP GET requests to arbitrary URLs.

Action-Not Available
Vendor-M-Files Oy
Product-m-files_serverM-Files Server
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-10068
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.28% / 19.79%
||
7 Day CHG~0.00%
Published-29 May, 2026 | 15:45
Updated-29 May, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shibby Tomato SUBSCRIBE Call miniupnpd send server-side request forgery

A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side request forgery. The attack may be initiated remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

Action-Not Available
Vendor-Shibby
Product-Tomato
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2026-10280
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.30% / 22.44%
||
7 Day CHG~0.00%
Published-01 Jun, 2026 | 18:00
Updated-02 Jun, 2026 | 15:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
horizon921 mcpilot MCP API Call Endpoint route.ts server-side request forgery

A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Action-Not Available
Vendor-horizon921
Product-mcpilot
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-34581
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.25% / 16.01%
||
7 Day CHG~0.00%
Published-26 Jun, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was originally published with a "RetrievalMethod is a URI ... that may be used to obtain key and/or certificate information" statement and no accompanying information about SSRF risks, and this may have contributed to vulnerable implementations such as those discussed in CVE-2023-36661 and CVE-2024-21893. NOTE: this was mitigated in 1.1 and 2.0 via a directly referenced Best Practices document that calls on implementers to be wary of SSRF.

Action-Not Available
Vendor-n/aw3c
Product-n/axml_signature_syntax_and_processing
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-0945
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.3||HIGH
EPSS-0.62% / 45.76%
||
7 Day CHG~0.00%
Published-26 Jan, 2024 | 20:31
Updated-13 Nov, 2024 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
60IndexPage Parameter file.php server-side request forgery

A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. This affects an unknown part of the file /include/file.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252189 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-60indexpage_projectn/a
Product-60indexpage60IndexPage
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2022-22339
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.62% / 45.86%
||
7 Day CHG~0.00%
Published-08 Apr, 2022 | 15:30
Updated-17 Sep, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 219736.

Action-Not Available
Vendor-IBM Corporation
Product-planning_analyticsPlanning Analytics
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-45474
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 23.94%
||
7 Day CHG~0.00%
Published-29 May, 2025 | 00:00
Updated-19 Jun, 2025 | 00:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings.

Action-Not Available
Vendor-maccmsn/a
Product-maccmsn/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-61735
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.3||HIGH
EPSS-0.50% / 39.46%
||
7 Day CHG~0.00%
Published-02 Oct, 2025 | 09:47
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache Kylin: Server-Side Request Forgery

Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. You are fine as long as the Kylin's system and project admin access is well protected. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

Action-Not Available
Vendor-The Apache Software Foundation
Product-kylinApache Kylin
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2025-60541
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.23% / 13.46%
||
7 Day CHG~0.00%
Published-06 Nov, 2025 | 00:00
Updated-31 Dec, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Request Forgery (SSRF) in the /api/proxy/ component of linshenkx prompt-optimizer v1.3.0 to v1.4.2 allows attackers to scan internal resources via a crafted request.

Action-Not Available
Vendor-linshenkxn/a
Product-prompt_optimizern/a
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
CVE-2024-11618
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.9||MEDIUM
EPSS-0.58% / 43.70%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 19:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IPC Unigy Management System HTTP Request server-side request forgery

A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-IPCipc
Product-Unigy Management Systemunigy_management_system
CWE ID-CWE-918
Server-Side Request Forgery (SSRF)
  • Previous
  • 1
  • 2
  • Next
Details not found