Weaknesses of type CWE-918
2,203 resultsCVE-2026-7094MEDIUMShadowCloneLabs GlutamateMCPServers puppeteer_navigate index.ts server-side request forgeryEPSS 0.3%CVE-2026-56399MEDIUMOpen WebUI - Server-Side Request Forgery via Location Redirect in /api/v1/retrieval/process/webEPSS 0.3%CVE-2025-59837HIGHastro allows bypass of image proxy domain validation leading to SSRF and potential XSSEPSS 0.3%CVE-2026-44439MEDIUMLookyLoo - PlaywrightCapture permits access to local files and internal network resources during page captureEPSS 0.3%CVE-2025-45474HIGHmaccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings.EPSS 0.3%CVE-2025-52455MEDIUMServer-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (EPS Server modules) allows Resource LocatioEPSS 0.3%CVE-2026-39885HIGHFrontMCP Affected by SSRF via $ref Dereferencing in Untrusted OpenAPI SpecificationsEPSS 0.3%CVE-2019-25451MEDIUMphpMoAdmin 1.1.5 Cross-Site Request Forgery via moadmin.phpEPSS 0.3%CVE-2025-10395MEDIUMMagicblack MacCMS Scheduled Task col_url server-side request forgeryEPSS 0.3%CVE-2025-24701MEDIUMWordPress Chained Quiz Plugin <= 1.3.2.9 - Server Side Request Forgery (SSRF) vulnerabilityEPSS 0.3%CVE-2026-44015HIGHNginx UI: Server-Side Request Forgery (SSRF) via Cluster Proxy Middleware Allows Access to Internal ServicesEPSS 0.3%CVE-2025-10397MEDIUMMagicblack MacCMS API server-side request forgeryEPSS 0.3%CVE-2026-22247MEDIUMGLPI is Vulnerable to SSRF via WebhooksEPSS 0.3%CVE-2025-26515HIGHCVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale)EPSS 0.3%CVE-2026-0258MEDIUMPAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL FetchingEPSS 0.3%CVE-2023-4878MEDIUMServer-Side Request Forgery (SSRF) in instantsoft/icms2EPSS 0.3%CVE-2024-30420MEDIUMServer-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series verEPSS 0.3%CVE-2025-31009MEDIUMWordPress IndieBlocks plugin <= 0.13.1 - Server Side Request Forgery (SSRF) VulnerabilityEPSS 0.3%CVE-2025-7103MEDIUMBoyunCMS curl Index.php server-side request forgeryEPSS 0.3%CVE-2026-39974HIGHn8n-MCP has an Authenticated SSRF via instance-URL header in multi-tenant HTTP modeEPSS 0.3%