Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-918

CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,681 vulnerabilities with CWE-918

CVE-2026-39361 HIGH

OpenObserve <=0.70.3 validate_enrichment_url - Server-Side Request Forgery Bypass

CVE-2026-35572 MEDIUM

SSRF via Referer header in ChurchCRM allows server-side HTTP/HTTPS requests to arbitrary hosts

CVE-2026-35516 MEDIUM

LinkAce has SSRF via CheckLinksCommand - Link URL Update Bypasses laravel-html-meta Protection

CVE-2026-35486 HIGH

text-generation-webui <4.3 superbooga Extensions - Server-Side Request Forgery

CVE-2026-35461 MEDIUM

Papra <26.4.0 Webhook URL - Blind Server-Side Request Forgery

CVE-2026-35409 HIGH

Directus <11.16.0 File Import - Server-Side Request Forgery Bypass

CVE-2026-35459 CRITICAL

pyLoad has SSRF fix bypass via HTTP redirect

CVE-2026-35187 HIGH

pyLoad has SSRF in parse_urls API endpoint via unvalidated URL parameter

CVE-2026-35037 HIGH

Ech0 affected by unauthenticated SSRF in GetWebsiteTitle allows access to internal services and cloud metadata

CVE-2026-35036 HIGH

Ech0 Affected by Unauthenticated Server-Side Request Forgery in Website Preview Feature

CVE-2026-34981 MEDIUM

whisperX REST API: SSRF in download_from_url() — URL validation happens after HTTP request, extension bypass via .mp3

CVE-2026-34753 MEDIUM

vLLM affected by Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

CVE-2026-33752 HIGH

Redirect-based SSRF leading to internal network access in curl_cffi (with TLS impersonation bypass)

CVE-2026-33540 HIGH

Distribution affected by pull-through cache credential exfiltration via www-authenticate bearer realm

CVE-2026-5633 HIGH

assafelovic gpt-researcher ws Endpoint server-side request forgery

CVE-2026-5623 MEDIUM

hcengineering Huly Platform Import Endpoint index.ts server-side request forgery

CVE-2026-5618 MEDIUM

kalcaddle kodbox shareMake/shareCheck server-side request forgery

CVE-2026-5607 MEDIUM

imprvhub mcp-browser-agent URL Parameter handlers.ts CallToolRequestSchema server-side request forgery

CVE-2026-5538 MEDIUM

QingdaoU OnlineJudge judge_server_heartbeat Endpoint JudgeServer.service_url server-side request forgery

CVE-2026-5530 MEDIUM

Ollama Model Pull API download.go server-side request forgery

CVE-2026-34954 HIGH

PraisonAI: SSRF in FileTools.download_file() via Unvalidated URL

CVE-2026-34936 HIGH

PraisonAI: SSRF via Unvalidated api_base in passthrough() Fallback

CVE-2026-22664 HIGH

prompts.chat SSRF via Fal.ai Media Status Polling

CVE-2026-22662 MEDIUM

prompts.chat Blind SSRF via media-generate

CVE-2026-28798 CRITICAL

Arbitrary internal service access via /v1/sys/proxy when Cloudflare Tunnel is enabled on ZimaOS

Previous Page 16 of 108 Next

Details

Vulnerabilities 2,681

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy