Total: 1861 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-12376 | 1 Lm-sys | 1 Fastchat | 2025-07-31 | N/A | 7.5 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows an attacker to access internal server resources and data that are otherwise inaccessible, such as AWS metadata credentials. | |||||
| CVE-2025-4967 | 1 Esri | 1 Portal For Arcgis | 2025-07-30 | N/A | 9.1 CRITICAL |
| Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the Portal’s SSRF protections. | |||||
| CVE-2025-2243 | 1 Bitdefender | 1 Gravityzone | 2025-07-30 | N/A | 7.3 HIGH |
| A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1. | |||||
| CVE-2024-10044 | 1 Lm-sys | 1 Fastchat | 2025-07-29 | N/A | 9.3 CRITICAL |
| A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's credentials to perform unauthorized web actions or access unauthorized web resources by combining it with the POST /register_worker endpoint. | |||||
| CVE-2024-2206 | 1 Gradio Project | 1 Gradio | 2025-07-29 | N/A | 6.5 MEDIUM |
| An SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function. | |||||
| CVE-2024-11603 | 1 Lm-sys | 1 Fastchat | 2025-07-29 | N/A | 7.5 HIGH |
| A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. The vulnerability is present in the `/queue/join?` endpoint, where insufficient validation of the path parameter allows an attacker to send crafted requests. This can lead to unauthorized access to internal networks or the AWS metadata endpoint, potentially exposing sensitive data and compromising internal servers. | |||||
| CVE-2024-2049 | 1 Citrix | 24 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 21 more | 2025-07-25 | N/A | 6.5 MEDIUM |
| Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP. | |||||
| CVE-2025-8020 | | | 2025-07-25 | N/A | 8.2 HIGH |
| All versions of the package private-ip are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide an IP or hostname that resolves to a multicast IP address (224.0.0.0/4) which is not included as part of the private IP ranges in the package's source code. | |||||
| CVE-2025-5818 | | | 2025-07-25 | N/A | 5.5 MEDIUM |
| The Featured Image Plus – Quick & Bulk Edit with Unsplash plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.4 via the fip_get_image_options() function. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2025-20288 | 1 Cisco | 2 Unified Contact Center Express, Unified Intelligence Center | 2025-07-22 | N/A | 5.8 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. | |||||
| CVE-2025-52362 | | | 2025-07-22 | N/A | 9.1 CRITICAL |
| Server-Side Request Forgery (SSRF) vulnerability exists in the URL processing functionality of PHProxy version 1.1.1 and prior. The input validation for the _proxurl parameter can be bypassed, allowing a remote, unauthenticated attacker to submit a specially crafted URL | |||||
| CVE-2025-52163 | | | 2025-07-22 | N/A | 6.5 MEDIUM |
| A Server-Side Request Forgery (SSRF) in the component TunnelServlet of agorum Software GmbH Agorum core open v11.9.2 & v11.10.1 allows attackers to forcefully initiate connections to arbitrary internal and external resources via a crafted request. This can lead to sensitive data exposure. | |||||
| CVE-2025-46385 | | | 2025-07-22 | N/A | 8.6 HIGH |
| CWE-918 Server-Side Request Forgery (SSRF) | |||||
| CVE-2025-54122 | | | 2025-07-22 | N/A | 10.0 CRITICAL |
| Manager-io/Manager is accounting software. A critical unauthenticated full read Server-Side Request Forgery (SSRF) vulnerability has been identified in the proxy handler component of both manager Desktop and Server edition versions up to and including 25.7.18.2519. This vulnerability allows an unauthenticated attacker to bypass network isolation and access restrictions, potentially enabling access to internal services, cloud metadata endpoints, and exfiltration of sensitive data from isolated network segments. This vulnerability is fixed in version 25.7.21.2525. | |||||
| CVE-2024-7959 | 1 Openwebui | 1 Open Webui | 2025-07-21 | N/A | 7.7 HIGH |
| The `/openai/models` endpoint in open-webui/open-webui version 0.3.8 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can change the OpenAI URL to any URL without checks, causing the endpoint to send a request to the specified URL and return the output. This vulnerability allows the attacker to access internal services and potentially gain command execution by accessing instance secrets. | |||||
| CVE-2025-27907 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2025-07-18 | N/A | 4.1 MEDIUM |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | |||||
| CVE-2025-6851 | 1 Pluginrx | 1 Broken Link Notifier | 2025-07-17 | N/A | 7.2 HIGH |
| The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajax_blinks() function which ultimately calls the check_url_status_code() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2024-9408 | 1 Eclipse | 1 Glassfish | 2025-07-16 | N/A | 9.8 CRITICAL |
| In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints. | |||||
| CVE-2025-2828 | 1 Langchain | 1 Langchain | 2025-07-16 | N/A | 10.0 CRITICAL |
| A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does not enforce restrictions on requests to remote internet addresses, allowing it to also access local addresses. As a result, an attacker could exploit this flaw to perform port scans, access local services, retrieve instance metadata from cloud environments (e.g., Azure, AWS), and interact with servers on the local network. This issue has been fixed in version 0.0.28. | |||||
| CVE-2024-55910 | 2 Ibm, Linux | 2 Concert, Linux Kernel | 2025-07-16 | N/A | 6.5 MEDIUM |
| IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | |||||
