CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,678 vulnerabilities with CWE-918
CVE-2026-6625 HIGH
moxi624 Mogu Blog v2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl server-side request forgery
CVSS 7.3
CVE-2026-6618 MEDIUM
langgenius dify ApiBasedToolSchemaParser parser.py parse_openai_plugin_json_to_tool_bundle server-side request forgery
CVSS 6.3
CVE-2026-6617 MEDIUM
langgenius dify ApiToolManageService api_tools_manage_service.py get_api_tool_provider_remote_schema server-side request forgery
CVSS 6.3
CVE-2026-6616 MEDIUM
TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery
CVSS 6.3
CVE-2026-6606 HIGH
modelscope agentscope _agent_base.py _process_audio_block server-side request forgery
CVSS 7.3
CVE-2026-6605 HIGH
modelscope agentscope Internal Service _common.py _get_bytes_from_web_url server-side request forgery
CVSS 7.3
CVE-2026-6604 HIGH
modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side request forgery
CVSS 7.3
CVE-2026-6587 MEDIUM
vibrantlabsai RAGAS Collections util.py _try_process_url server-side request forgery
CVSS 6.3
CVE-2026-6573 MEDIUM
PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery
CVSS 6.3
CVE-2026-40348 HIGH
Movary has Authenticated SSRF via Jellyfin Server URL Verification that Allows Internal Network Probing
CVSS 7.7
CVE-2026-40346 MEDIUM
NocoBase has SSRF in Workflow HTTP Request and Custom Request Plugins
CVSS 6.5
CVE-2026-40516 HIGH
OpenHarness SSRF via web_fetch and web_search
CVSS 8.3
CVE-2026-6497 MEDIUM
prasathmani TinyFileManager File Upload filemanager.php server-side request forgery
CVSS 6.3
CVE-2026-31317 HIGH
CraftQL <=1.3.7 - Server-Side Request Forgery Code Execution
CVSS 7.5
CVE-2026-5131 MEDIUM
Server-Side Request Forgery in GREENmod
CVE-2026-5052 MEDIUM
Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS
CVSS 5.3
CVE-2026-40500 MEDIUM
ProcessWire CMS SSRF via Add Module From URL
CVSS 6.8
CVE-2026-39845 MEDIUM
Weblate: SSRF via the webhook add-on using unprotected fetch_url()
CVSS 4.1
CVE-2026-34244 MEDIUM
Weblate: SSRF via Project-Level Machinery Configuration
CVSS 5.0
CVE-2026-33440 MEDIUM
Weblate: Authenticated SSRF via redirect bypass of ALLOWED_ASSET_DOMAINS in screenshot URL uploads
CVSS 5.0
CVE-2026-35032 HIGH
Jellyfin: Potential SSRF + Arbitrary file read via LiveTV M3U tuner
CVSS 8.1
CVE-2026-34160 HIGH
Chamilo LMS: Unauthenticated SSRF via PENS Plugin allows attacker to probe internal network and reach cloud metadata services
CVSS 8.6
CVE-2026-33715 HIGH
Chamilo LMS has Unauthenticated SSRF and Open Email Relay via install.ajax.php test_mailer action
CVSS 7.2
CVE-2026-38527 HIGH
Krayin Laravel CRM - Server-Side Request Forgery via Webhooks Create Endpoint
CVSS 8.5
CVE-2026-34225 MEDIUM
Open WebUI has Blind Server Side Request Forgery in its Image Edit Functionality
CVSS 4.3