CWE-918 (Server-Side Request Forgery (SSRF)) — Vulnerability Class 1481

1481 vulnerabilities classified as CWE-918 (Server-Side Request Forgery (SSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-68696 | httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage — httparty | 9.1 AI | Critical AI | 2025-12-23 |
| CVE-2025-67743 | Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service — local-deep-research | 6.3 | Medium | 2025-12-23 |
| CVE-2021-47715 | Hasura GraphQL 1.3.3 Server-Side Request Forgery via Remote Schema Injection — Hasura GraphQL | 5.3 | Medium | 2025-12-22 |
| CVE-2025-68477 | Langflow vulnerable to Server-Side Request Forgery — langflow | 7.7 | High | 2025-12-19 |
| CVE-2025-13999 | HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player 2.4.0 - 2.5.1 - Unauthenticated Server-Side Request Forgery — HTML5 Audio Player – The Ultimate No-Code Podcast, MP3 & Audio Player | 7.2 | High | 2025-12-19 |
| CVE-2025-64663 | Custom Question Answering Elevation of Privilege Vulnerability — Azure Cognitive Service for Language | 9.9 | Critical | 2025-12-18 |
| CVE-2025-14277 | Prime Slider – Addons for Elementor <= 4.0.9 - Authenticated (Subscriber+) Server-Side Request Forgery — Prime Slider – Addons for Elementor | 4.3 | Medium | 2025-12-18 |
| CVE-2025-68150 | Parse Server has Server-Side Request Forgery (SSRF) in Instagram OAuth Adapter — parse-server | 9.1 AI | Critical AI | 2025-12-16 |
| CVE-2023-53899 | PodcastGenerator 3.2.9 Blind Server-Side Request Forgery via XML Injection — Unknown | 9.8 | Critical | 2025-12-16 |
| CVE-2025-14443 | Ose-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanism — Red Hat OpenShift Container Platform 4 | 6.4 | Medium | 2025-12-16 |
| CVE-2025-67989 | WordPress Kerge theme <= 4.1.3 - Server Side Request Forgery (SSRF) vulnerability — Kerge | 5.4 | Medium | 2025-12-16 |
| CVE-2023-53893 | Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability — TITAN | 4.3 AI | Medium AI | 2025-12-15 |
| CVE-2025-13281 | Portworx Half-Blind SSRF in kube-controller-manager — Kubernetes | 5.8 | Medium | 2025-12-14 |
| CVE-2025-11970 | Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking \| SEO Optimized \| Fully Automated <= 1.0.9 - Authenticated (Admin+) Server-Side Request Forgery — Emplibot – AI Content Writer with Keyword Research, Infographics, and Linking \| SEO Optimized \| Fully Automated | 4.4 | Medium | 2025-12-13 |
| CVE-2025-14518 | PowerJob Network Request PingPongUtils.java checkConnectivity server-side request forgery — PowerJob | 6.3 | Medium | 2025-12-11 |
| CVE-2025-14516 | Yalantis uCrop URL com.yalantis.ucrop.task.BitmapLoadTask.java downloadFile server-side request forgery — uCrop | 6.3 | Medium | 2025-12-11 |
| CVE-2025-11467 | RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator <= 5.1.1 - Unauthenticated Blind Server-Side Request Forgery — RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator | 5.8 | Medium | 2025-12-11 |
| CVE-2020-36884 | BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF — BrightSign Digital Signage Diagnostic Web Server | 5.3 AI | Medium AI | 2025-12-10 |
| CVE-2025-67494 | ZITADEL Vulnerable to Unauthenticated Full-Read SSRF via V2 Login — zitadel | 9.3 | Critical | 2025-12-09 |
| CVE-2021-47703 | OpenBMCS Server Side Request Forgery (SSRF) via /php/query.php — OpenBMCS | 6.5 AI | Medium AI | 2025-12-09 |
| CVE-2025-63010 | WordPress Hercules Core plugin <= 7.4 - Server Side Request Forgery (SSRF) vulnerability — Hercules Core | 4.9 | Medium | 2025-12-09 |
| CVE-2025-12832 | IBM InfoSphere Information Server Server-Side Request Forgery — InfoSphere Information Server | 4.6 | Medium | 2025-12-08 |
| CVE-2025-26487 | Server Side Request Forgery (SSRF) in the web server of Infinera MTC-9 — MTC-9 | 8.6 | High | 2025-12-08 |
| CVE-2025-14116 | xerrors Yuxi-Know embed.py OtherEmbedding.aencode server-side request forgery — Yuxi-Know | 4.7 | Medium | 2025-12-05 |
| CVE-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF — Apache HTTP Server | 5.3 | - | 2025-12-05 |
| CVE-2025-65958 | Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web — open-webui | 8.5 | High | 2025-12-04 |
| CVE-2025-14008 | dayrui XunRuiCMS Project Domain Change Test admin79f2ec220c7e.php server-side request forgery — XunRuiCMS | 4.7 | Medium | 2025-12-04 |
| CVE-2025-14004 | dayrui XunRuiCMS Email Setting admind45f74adbd95.php server-side request forgery — XunRuiCMS | 4.7 | Medium | 2025-12-04 |
| CVE-2025-20388 | Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise — Splunk Enterprise | 2.7 | Low | 2025-12-03 |
| CVE-2025-13872 | Blind Server-Side Request Forgery (SSRF) in the survey-import feature of ObjectPlanet Opinio — Opinio | 9.1 AI | Critical AI | 2025-12-02 |

1481 CVEs are classified as CWE-918 (Server-Side Request Forgery (SSRF)). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.