Total
1819 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-36037 | 1 Ibm | 1 Webmethods Integration | 2025-10-03 | N/A | 5.4 MEDIUM |
| IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. | |||||
| CVE-2025-10735 | 2025-10-02 | N/A | 4.0 MEDIUM | ||
| The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2024-34361 | 1 Pi-hole | 1 Pi-hole | 2025-10-02 | N/A | 8.5 HIGH |
| Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. A vulnerability in versions prior to 5.18.3 allows an authenticated user to make internal requests to the server via the `gravity_DownloadBlocklistFromUrl()` function. Depending on some circumstances, the vulnerability could lead to remote command execution. Version 5.18.3 contains a patch for this issue. | |||||
| CVE-2025-54234 | 1 Adobe | 1 Coldfusion | 2025-10-01 | N/A | 2.7 LOW |
| ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to limited file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction. | |||||
| CVE-2024-11836 | 1 Plextrac | 1 Plextrac | 2025-10-01 | N/A | 7.5 HIGH |
| Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system resources.This issue affects PlexTrac: from 1.61.3 before 2.8.1. | |||||
| CVE-2024-43710 | 1 Elastic | 1 Kibana | 2025-09-30 | N/A | 4.3 MEDIUM |
| A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that return JSON could be accessed. This can be carried out by users with read access to Fleet. | |||||
| CVE-2025-36560 | 1 Appleple | 1 A-blog Cms | 2025-09-30 | N/A | 8.6 HIGH |
| Server-side request forgery vulnerability exists in a-blog cms multiple versions. If this vulnerability is exploited, a remote unauthenticated attacker may gain access to sensitive information by sending a specially crafted request. | |||||
| CVE-2025-6517 | 1 Maxkey | 1 Maxkey | 2025-09-30 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-webs\maxkey-web-mgt\src\main\java\org\dromara\maxkey\web\apps\contorller\SAML20DetailsController.java of the component Meta URL Handler. The manipulation of the argument post leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-20332 | 1 Cisco | 1 Identity Services Engine | 2025-09-30 | N/A | 5.5 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials. | |||||
| CVE-2024-32964 | 1 Lobehub | 1 Lobe Chat | 2025-09-30 | N/A | 9.0 CRITICAL |
| Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Prior to 0.150.6, lobe-chat had an unauthorized Server-Side Request Forgery vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause Server-Side Request Forgery without logging in, attack intranet services, and leak sensitive information. | |||||
| CVE-2023-6388 | 1 Salesagility | 1 Suitecrm | 2025-09-29 | N/A | 5.0 MEDIUM |
| Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF. | |||||
| CVE-2020-36851 | 2025-09-26 | N/A | N/A | ||
| Rob -- W / cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets (SSRF). Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services, retrieve instance role credentials or other sensitive metadata, and interact with internal APIs and services that are not intended to be internet-facing. The vulnerability is exploitable by sending crafted requests to the proxy with the target resource encoded in the URL; many cors-anywhere deployments forward arbitrary methods and headers (including PUT), which can permit exploitation of IMDSv2 workflows as well as access to internal management APIs. Successful exploitation can result in theft of cloud credentials, unauthorized access to internal services, remote code execution or privilege escalation (depending on reachable backends), data exfiltration, and full compromise of cloud resources. Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections. | |||||
| CVE-2025-60181 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| Server-Side Request Forgery (SSRF) vulnerability in silence Silencesoft RSS Reader allows Server Side Request Forgery. This issue affects Silencesoft RSS Reader: from n/a through 0.6. | |||||
| CVE-2025-10137 | 2025-09-26 | N/A | 5.4 MEDIUM | ||
| The Snow Monkey theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 29.1.5 via the request() function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | |||||
| CVE-2025-55139 | 1 Ivanti | 4 Connect Secure, Neurons For Secure Access, Policy Secure and 1 more | 2025-09-24 | N/A | 6.8 MEDIUM |
| SSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with admin privileges to enumerate internal services. | |||||
| CVE-2025-42907 | 2025-09-24 | N/A | 4.3 MEDIUM | ||
| SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system. | |||||
| CVE-2025-59055 | 1 Instantcms | 1 Instantcms | 2025-09-24 | N/A | 4.7 MEDIUM |
| InstantCMS is a free and open source content management system. A blind Server-Side Request Forgery (SSRF) vulnerability in InstantCMS up to and including 2.17.3 allows authenticated remote attackers to make nay HTTP/HTTPS request via the package parameter. It is possible to make any HTTP/HTTPS request to any website in installer functionality. Due to such vulnerability it is possible to for example scan local network, call local services and its functions, conduct a DoS attack, and/or disclose a server's real IP if it's behind a reverse proxy. It is also possible to exhaust server resources by sending plethora of such requests. As of time of publication, no patched releases are available. | |||||
| CVE-2025-59527 | 1 Flowiseai | 1 Flowise | 2025-09-23 | N/A | 7.5 HIGH |
| Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, a Server-Side Request Forgery (SSRF) vulnerability was discovered in the /api/v1/fetch-links endpoint of the Flowise application. This vulnerability allows an attacker to use the Flowise server as a proxy to access internal network web services and explore their link structures. This issue has been patched in version 3.0.6. | |||||
| CVE-2025-57055 | 1 Wondercms | 1 Wondercms | 2025-09-23 | N/A | 6.5 MEDIUM |
| WonderCMS 3.5.0 is vulnerable to Server-Side Request Forgery (SSRF) in the custom module installation functionality. An authenticated administrator can supply a malicious URL via the pluginThemeUrl POST parameter. The server fetches the provided URL using curl_exec() without sufficient validation, allowing the attacker to force internal or external HTTP requests. | |||||
| CVE-2025-26515 | 1 Netapp | 1 Storagegrid | 2025-09-23 | N/A | 7.5 HIGH |
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an unauthenticated attacker to change the password of any Grid Manager or Tenant Manager non-federated user. | |||||