CWE-918

Server-Side Request Forgery (SSRF)

Parent: CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

2,441 vulnerabilities with CWE-918
CVE-2026-32871 CRITICAL
FastMCP OpenAPI Provider has an SSRF & Path Traversal Vulnerability
CVSS 10.0
CVE-2026-0688 MEDIUM
Webmention <= 5.6.2 - Authenticated (Subscriber+) Server-Side Request Forgery
CVSS 6.4
CVE-2026-0686 HIGH
Webmention <= 5.6.2 - Unauthenticated Blind Server-Side Request Forgery
CVSS 7.2
CVE-2026-5323 MEDIUM
priyankark a11y-mcp index.js A11yServer server-side request forgery
CVSS 5.3
CVE-2026-34515 HIGH
AIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows
CVSS 7.5
CVE-2026-34746 HIGH
Payload has Authenticated SSRF via Upload Functionality
CVSS 7.7
CVE-2026-34076 HIGH
Clerk JavaScript: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended host
CVSS 7.4
CVE-2026-33990 CRITICAL
Docker Model Runner OCI Registry Client Vulnerable to Server-Side Request Forgery (SSRF)
CVSS 9.1
CVE-2026-20041 MEDIUM
Cisco Nexus Dashboard Server Side Request Forgery Vulnerability
CVSS 6.1
CVE-2026-4989 MEDIUM
Devolutions Server < 2026.1.11 - Information Disclosure
CVSS 4.3
CVE-2026-0932 HIGH
M-files Corporation M-files Server < 26.3.15818.5 - SSRF
CVSS 7.3
CVE-2026-5259 MEDIUM
AutohomeCorp frostmourne Alarm Preview AlarmController.java server-side request forgery
CVSS 6.3
CVE-2026-34443 MEDIUM
FreeScout: SSRF protection bypass via broken CIDR check in checkIpByMask()
CVSS 5.3
CVE-2026-34740 MEDIUM
AVideo: Stored SSRF via Video EPG Link Missing isSSRFSafeURL() Validation
CVSS 6.5
CVE-2026-34367 HIGH
InvoiceShelf: SSRF in Invoice PDF Rendering via Unsanitised HTML in Notes Field
CVSS 7.6
CVE-2026-34366 HIGH
InvoiceShelf: SSRF in Payment Receipt PDF Rendering via Unsanitised HTML in Notes Field
CVSS 7.6
CVE-2026-34365 HIGH
InvoiceShelf: SSRF in Estimate PDF Rendering via Unsanitised HTML in Notes Field
CVSS 7.6
CVE-2026-33185 MEDIUM
Discourse: Group SMTP test endpoint susceptible to SSRF
CVSS 5.0
CVE-2026-5205 MEDIUM
chatwoot Webhook API trigger.rb Trigger server-side request forgery
CVSS 6.3
CVE-2026-34360 MEDIUM
HAPI FHIR: Unauthenticated Blind SSRF via /loadIG Endpoint Enables Internal Network Probing
CVSS 5.8
CVE-2026-34504 HIGH
OpenClaw < 2026.3.28 - Server-Side Request Forgery via Unguarded Image Download in fal Provider
CVSS 8.3
CVE-2026-34163 HIGH
Server-Side Request Forgery via MCP Tools Endpoint in FastGPT
CVSS 7.7
CVE-2026-34162 CRITICAL
FastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key Theft
CVSS 10.0
CVE-2026-3881 MEDIUM
Performance Monitor <= 1.0.6 - Unauthenticated Blind SSRF
CVSS 5.8
CVE-2026-34881 MEDIUM
Openstack Glance < 29.1.1 - SSRF
CVSS 5.0