Fallos del tipo CWE-918
2185 resultadosCVE-2025-63551HIGHA Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content ManEPSS 0.4%CVE-2026-24736CRITICALSquidex has Server-Side Request Forgery (SSRF) Issue in Webhook ConfigurationEPSS 0.4%CVE-2026-3788MEDIUMBytedesk SpringAIOpenrouterRestController SpringAIOpenrouterRestService.java getModels server-side request forgeryEPSS 0.4%CVE-2026-33182MEDIUMSaloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URLEPSS 0.4%CVE-2024-51242MEDIUMA Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier in ServerDeployController.java. The manipuEPSS 0.4%CVE-2026-6011MEDIUMOpenClaw assertPublicHostname web-fetch.ts server-side request forgeryEPSS 0.4%CVE-2026-25492MEDIUMCraft has a save_images_Asset graphql mutation can be abused to exfiltrate AWS credentials of underlying hostEPSS 0.4%CVE-2024-5328HIGHSSRF Vulnerability in lunary-ai/lunaryEPSS 0.4%CVE-2026-0532HIGHExternal Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini ConnectorEPSS 0.4%CVE-2023-43798MEDIUMBigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)EPSS 0.4%CVE-2024-27563MEDIUMA Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows attackers to force the application to make aEPSS 0.4%CVE-2025-46568HIGHStirling-PDF Server-Side Request Forgery (SSRF)-Induced Arbitrary File Read VulnerabilityEPSS 0.4%CVE-2025-28091CRITICALmaccms10 v2025.1000.4047 has a Server-Side Request Forgery (SSRF) vulnerability via Add Article.EPSS 0.4%CVE-2025-11648MEDIUMTomofun Furbo 360/Furbo Mini GATT Interface URL TF_FQDN.json server-side request forgeryEPSS 0.4%CVE-2025-28089CRITICALmaccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery (SSRF) via the Scheduled Task function.EPSS 0.4%CVE-2026-34162CRITICALFastGPT: Unauthenticated SSRF via httpTools Endpoint Leads to Internal API Key TheftEPSS 0.4%CVE-2024-27898MEDIUMServer-Side Request Forgery in SAP NetWeaverEPSS 0.4%CVE-2025-31116MEDIUMMobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS RebindingEPSS 0.4%CVE-2025-8772MEDIUMVinades NukeViet Module index.php server-side request forgeryEPSS 0.4%CVE-2025-31490HIGHAutoGPT allows SSRF due to DNS Rebinding in requests wrapperEPSS 0.4%