CWE-918 flaws
2,157 results

CVE-2024-20404 | HIGH | A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF at | EPSS 23.1%
CVE-2026-33340 | CRITICAL | LoLLMs WEBUI has unauthenticated Server-Side Request Forgery (SSRF) in /api/proxy endpoint | EPSS 21.6%
CVE-2022-0591 | — | Formcraft3 < 3.8.28 - Unauthenticated SSRF | EPSS 20.8%
CVE-2024-45518 | HIGH | An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before P | EPSS 20.3%
CVE-2024-29021 | CRITICAL | SSRF into Sandbox Escape through Unsafe Default Configuration | EPSS 20.2%
CVE-2024-54819 | CRITICAL | I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/sec | EPSS 18.2%
CVE-2025-71258 | MEDIUM | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in searchWeb | EPSS 17.4%
CVE-2022-45926 | HIGH | An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privi | EPSS 17.0%
CVE-2025-2828 | HIGH | SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain | EPSS 14.1%
CVE-2026-27826 | HIGH | MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers | EPSS 13.6%
CVE-2025-71259 | MEDIUM | BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 Blind SSRF in externalfeed/RSS | EPSS 12.9%
CVE-2024-38206 | HIGH | Microsoft Copilot Studio Information Disclosure Vulnerability | EPSS 12.3%
CVE-2021-39152 | HIGH | A Server-Side Forgery Request vulnerability in XStream via HashMap unmarshaling | EPSS 11.5%
CVE-2021-27103 | CRITICAL | Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 | EPSS 11.4% | KEV
CVE-2025-53760 | HIGH | Microsoft SharePoint Elevation of Privilege Vulnerability | EPSS 11.1%
CVE-2025-54381 | CRITICAL | BentoML is Vulnerable to an SSRF Attack Through File Upload Processing | EPSS 11.1%
CVE-2024-47066 | CRITICAL | Lobe Chat has insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964) | EPSS 10.8%
CVE-2024-43989 | HIGH | WordPress Justified Image Grid plugin <= 4.6.1 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability | EPSS 10.5%
CVE-2026-32255 | HIGH | Kan is Vulnerable to Unauthenticated SSRF via Attachment Download Endpoint | EPSS 10.1%
CVE-2022-24856 | CRITICAL | Server-Side Request Forgery in FlyteConsole | EPSS 9.7%