Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-918

CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,681 vulnerabilities with CWE-918

CVE-2026-34443 MEDIUM

FreeScout: SSRF protection bypass via broken CIDR check in checkIpByMask()

CVE-2026-34740 MEDIUM

AVideo: Stored SSRF via Video EPG Link Missing isSSRFSafeURL() Validation

CVE-2026-34367 HIGH

InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field

CVE-2026-34366 HIGH

InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field

CVE-2026-34365 HIGH

InvoiceShelf: SSRF in Estimate PDF Rendering via Unsanitised HTML in Notes Field

CVE-2026-33185 MEDIUM

Discourse: Group SMTP test endpoint susceptible to SSRF

CVE-2026-5205 MEDIUM

chatwoot Webhook API trigger.rb Trigger server-side request forgery

CVE-2026-34360 MEDIUM

HAPI FHIR: Unauthenticated Blind SSRF via /loadIG Endpoint Enables Internal Network Probing

CVE-2026-34504 HIGH

OpenClaw < 2026.3.28 - Server-Side Request Forgery via Unguarded Image Download in fal Provider

CVE-2026-34163 HIGH

Server-Side Request Forgery via MCP Tools Endpoint in FastGPT

CVE-2026-34162 CRITICAL

FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft

CVE-2026-3881 MEDIUM

Performance Monitor WordPress Plugin <=1.0.6 - Unauthenticated Blind Server-Side Request Forgery

CVE-2026-34881 MEDIUM

OpenStack Glance <29.1.1, 30.x<30.1.1, 31.0.0 SSRF via Image Import URL Redirect

CVE-2026-4789 CRITICAL

Kyverno >=1.16.0 - CEL HTTP Function Server-Side Request Forgery

CVE-2026-27018 HIGH

Gotenberg: Chromium deny-list bypass via case-insensitive URL scheme

CVE-2026-31804 MEDIUM

Tautulli: Unauthenticated pms_image_proxy endpoint proxies arbitrary HTTP requests through the Plex Media Server

CVE-2026-29925 HIGH

Invoice Ninja 5.12.46 and 5.12.48 - CheckDatabaseRequest Server-Side Request Forgery

CVE-2026-5126 MEDIUM

SourceCodester RSS Feed Parser file_get_contents server-side request forgery

CVE-2026-29954 HIGH

KubePlus 4.1.4 - chartURL Server-Side Request Forgery and Header Injection

CVE-2026-2286 CRITICAL

CrewAI 1.0 - SSRF in RAG Search Tools

CVE-2026-0560 HIGH

Server-Side Request Forgery (SSRF) in parisneo/lollms

CVE-2026-5016 HIGH

elecV2 elecV2P URL mock eAxios server-side request forgery

CVE-2026-33992 MEDIUM

pyLoad: Server-Side Request Forgery via Download Link Submission Enables Cloud Metadata Exfiltration

CVE-2026-33953 HIGH

LinkAce's SSRF protection can be bypassed via internal hostname resolution in LinkAce

CVE-2026-31945 HIGH

LibreChat Server-Side Request Forgery using DNS resolution

Previous Page 18 of 108 Next

Details

Vulnerabilities 2,681

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy