CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,678 vulnerabilities with CWE-918
CVE-2026-45561 MEDIUM
Roxy-WI: SSRF in /smon/agent/<endpoint>/<server_ip> reachable to cloud metadata IPs
CVSS 6.5
CVE-2026-47938 CRITICAL
Adobe Campaign Classic (ACC) | Server-Side Request Forgery (SSRF) (CWE-918)
CVSS 10.0
CVE-2026-45504 HIGH
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS 8.8
CVE-2026-45503 HIGH
Microsoft Exchange Server Information Disclosure Vulnerability
CVSS 8.1
CVE-2026-45502 MEDIUM
Microsoft Exchange Server Information Disclosure Vulnerability
CVSS 5.0
CVE-2026-45501 MEDIUM
Microsoft Exchange Server Spoofing Vulnerability
CVSS 6.5
CVE-2026-41854 MEDIUM
Spring Framework Server-Side Request Forgery via UriComponentsBuilder
CVSS 4.2
CVE-2026-11469 MEDIUM
jishenghua jshERP platformConfig Add Endpoint PlatformConfigService.java insertPlatformConfig server-side request forgery
CVSS 4.7
CVE-2026-11437 HIGH
perfree go-fastdfs-web Installation Endpoint checkServer server-side request forgery
CVSS 7.3
CVE-2026-11424 HIGH
Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure
CVE-2026-46393 HIGH
haxtheweb haxcms-nodejs - HAXcms createSite SSRF Enables Arbitrary File Read
CVE-2026-46391 HIGH
HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis
CVE-2026-11346 MEDIUM
Server-Side Request Forgery (SSRF) allowing Internal Network Probing in linqi
CVE-2026-10586 HIGH
Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 6.1.3 - Authenticated (Author+) Server-Side Request Forgery
CVSS 7.2
CVE-2026-43986 CRITICAL
Tautulli vulnerable to unauthenticated SSRF in /image/<hash> via attacker-seeded image hash replay
CVSS 9.9
CVE-2026-10771 HIGH
crmeb crmeb_java base64 Qrcode Endpoint RestTemplateUtil.java RestTemplate.getForEntity server-side request forgery
CVSS 7.3
CVE-2026-26379 MEDIUM
Koha <= 25.11 - Remote Code Execution via Z39.50 Configuration Module
CVSS 6.5
CVE-2026-20230 HIGH
Cisco Unified Communications Manager - Server-Side Request Forgery (SSRF)
CVSS 8.6
CVE-2026-10690 MEDIUM
wonderwhy-er DesktopCommanderMCP read_file filesystem.ts readFileFromUrl server-side request forgery
CVSS 6.3
CVE-2026-10662 MEDIUM
ahujasid blender-mcp ZIP File server.py requests.get server-side request forgery
CVSS 6.3
CVE-2026-49120 HIGH
Medplum < 5.1.14 SSRF via FHIR Subscription Endpoint
CVSS 8.5
CVE-2026-10583 MEDIUM
nextlevelbuilder GoClaw TTS Configuration Endpoint tts_config.go import server-side request forgery
CVSS 4.7
CVE-2026-10581 MEDIUM
DedeCMS download.php base64_decode server-side request forgery
CVSS 6.3
CVE-2026-49139 HIGH
Nanobot < 0.2.1 - Server-Side Request Forgery via Microsoft Teams Channel ServiceURL Poisoning
CVE-2026-49138 MEDIUM
Nanobot < 0.2.1 - Server-Side Request Forgery via Web Fetch Tool Redirect Following
CVSS 5.0