CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,678 vulnerabilities with CWE-918
CVE-2026-6514 (HIGH, CVSS 7.5): InfusedWoo Pro <= 5.1.2 - Unauthenticated Arbitrary File Read via 'url' Parameter
CVE-2026-7471 (LOW, CVSS 3.5): Server-Side Request Forgery (SSRF) in GitLab
CVE-2026-44441 (MEDIUM, CVSS 5.0): ERPNext: Possible SSRF by any authenticated user
CVE-2026-44439 (HIGH, CVSS 7.5): LookyLoo - PlaywrightCapture permits access to local files and internal network resources during page capture
CVE-2026-8328 (MEDIUM): FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address
CVE-2026-44363 (MEDIUM): Unsafe remote resource fetching in expansion misp-modules
CVE-2026-0258 (MEDIUM): PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching
CVE-2026-44578 (HIGH, CVSS 8.6): Next.js: Server-side request forgery in applications using WebSocket upgrades
CVE-2026-5773 (HIGH, CVSS 7.5): curl 8.7.0-8.19.0 - Server-Side Request Forgery via SMB Connection Reuse
CVE-2026-44015 (HIGH, CVSS 8.5): Nginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal Services
CVE-2026-41195 (MEDIUM, CVSS 5.0): mosparo: Rule package source URL stored SSRF enables internal HTTP probing
CVE-2026-34647 (HIGH, CVSS 7.4): Adobe Commerce | Server-Side Request Forgery (SSRF) (CWE-918)
CVE-2026-43929 (HIGH, CVSS 8.2): ssrfcheck: Server-Side Request Forgery (SSRF) and Incomplete List of Disallowed Inputs
CVE-2026-42175 (MEDIUM, CVSS 6.5): requests-hardened: Server-Side Request Forgery (SSRF) in requests-hardened RFC 6598
CVE-2026-42141 (HIGH, CVSS 7.7): Xibo: Authenticated Server-Side Request Forgery (SSRF) in Library Upload via URL functionality
CVE-2026-43993 (HIGH, CVSS 8.2): JunoClaw: SSRF in WAVS computeDataVerify allows cloud-metadata and internal-service access
CVE-2026-30810 (HIGH, CVSS 8.8): Server-Side Request Forgery in API Checker leads to Privilege Escalation
CVE-2026-42260 (HIGH, CVSS 8.2): Open-WebSearch: SSRF in `fetchWebContent` MCP tool: bracketed IPv6 literals and non-resolving hostname check bypass `isPrivateOrLocalHostname`
CVE-2026-43897 (HIGH): Link Preview JS: vulnerable to IPv6 and internal loopback attacks
CVE-2026-43884 (HIGH, CVSS 7.7): WWBN AVideo: SSRF Protection Bypass via HTTP Redirect and DNS Rebinding in isSSRFSafeURL()
CVE-2026-43879 (MEDIUM, CVSS 5.4): WWBN AVideo: Blind SSRF in YPTWallet Donation Webhook via Missing isSSRFSafeURL() Check and CURLOPT_FOLLOWLOCATION Redirect Bypass
CVE-2026-42188 (LOW, CVSS 2.4): Geyser: Server-Side Request Forgery (SSRF) via Player Head Texture URL
CVE-2026-8320 (MEDIUM, CVSS 4.7): jishenghua jshERP updatePlatformConfigByKey Endpoint UserService.java getUserByWeixinCode server-side request forgery
CVE-2026-42864 (CRITICAL, CVSS 9.9): FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft
CVE-2026-45000 (MEDIUM, CVSS 5.0): OpenClaw < 2026.4.20 - Server-Side Request Forgery via Browser CDP Profile Creation