Security Intel Hub 477 — Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

WWBN/AVideo Stored SSRF in Live Restream Log Callback
github.com · 2026-04-08

### Vulnerability Summary **Vulnerability Overview** This vulnerability exists in the **WWBN/AVideo** project, specifically within the **Live restream log callback flow**. * **Vulnerability Type**: St…

OpenObserve SSRF Vulnerability Fix: IP Validation Logic Analysis
github.com · 2026-04-08

### Vulnerability Summary **Vulnerability Overview** A flaw exists in OpenObserve's URL validation logic, which fails to effectively block access to private IP addresses and loopback addresses. Attack…

Huly Platform SSRF Vulnerability Analysis (CVE-2026-5623)
vuldb.com · 2026-04-06

### Vulnerability Key Information Summary **1. Vulnerability Overview** * **Vulnerability Type**: Server-Side Request Forgery (SSRF). * **Detailed Description**: A critical-level vulnerability was dis…

curl_cffi SSRF via Redirect to Cloud Metadata Endpoint
github.com · 2026-04-07

### Vulnerability Overview The `curl_cffi` library contains a redirect-based Server-Side Request Forgery (SSRF) vulnerability. The library does not restrict requests to internal IP addresses and autom…

SSRF in vLLM download_bytes_from_url function
github.com · 2026-04-07

# SSRF in `download_bytes_from_url` ## Vulnerability Overview In the `vllm-project/vllm` project, the `download_bytes_from_url` function contains a Server-Side Request Forgery (SSRF) vulnerability. An…

esaml XXE/SSRF Vulnerability (EEF-CVE-2026-28809) Analysis and Fix
osv.dev · 2026-04-07

### Vulnerability Summary: EEF-CVE-2026-28809 **1. Vulnerability Overview** * **Vulnerability ID**: EEF-CVE-2026-28809 * **Vulnerability Type**: XML External Entity (XXE), Server-Side Request Forgery …

SSRF Vulnerability Analysis and Fix: URL Validation Logic Implementation
github.com · 2026-04-07

# Vulnerability Summary ## 1. Vulnerability Overview This is an **SSRF (Server-Side Request Forgery)** vulnerability. - **Description**: The application lacks effective validation and sanitization mech…

lin-snow/echo SSRF Vulnerability Analysis and Fix Guide
github.com · 2026-04-07

# Vulnerability Summary: lin-snow/echo SSRF Vulnerability ## Vulnerability Overview An unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in the `GetWebsiteTitle` function of the …

Unauthenticated SSRF in Echo Website Preview Feature with POC
github.com · 2026-04-07

# GitHub Security Advisory: Unauthenticated SSRF in Website Preview Feature ## Vulnerability Overview The "Website Preview" feature in Echo (implemented via `GET /api/website/title`) contains an unaut…

SSRF Vulnerability Fix in Payload Framework: Code Analysis and Mitigation
github.com · 2026-04-07

### Vulnerability Key Information Summary **Vulnerability Overview** This commit fixes an **SSRF (Server-Side Request Forgery)** vulnerability. When the Payload framework initiates HTTP requests (speci…

pyload-ng CVE-2026-35187 SSRF Vulnerability and POC
github.com · 2026-04-07

### Vulnerability Overview * **Title**: SSRF in `parse_urls` API endpoint via unvalidated URL parameter * **CVE ID**: CVE-2026-35187 * **CVSS Score**: 7.7 / 10 (High) * **Description**: The `parse_url…

GitLab CVE-2021-22205 SSRF/DoS Vulnerability Analysis
github.com · 2026-04-04

Based on the provided screenshot, this is a GitHub issue page regarding the GitLab vulnerability CVE-2021-22205. The following is a summary of the key information: **Vulnerability Overview** * **Vulne…

SSRF in mixelpixx google-search-mcp 0.1.0 via extractContent
vuldb.com · 2026-04-04

### Vulnerability Key Information Summary **Vulnerability Overview** * **Vulnerability Name**: mixelpixx google-search-mcp 0.1.0 Server-Side Request Forgery (SSRF) * **Pull Request ID**: #781778 * **D…

Budibase 3.33.4 Security Release: Fixes Command Injection, Path Traversal, and SSRF Risks
github.com · 2026-04-04

### Budibase 3.33.4 Security Update Summary **Vulnerability Overview** This release (version 3.33.4) addresses multiple security vulnerabilities, including: * **REST Target Restriction**: Default enfo…

Salesforce REST Connect SSRF via Empty Default Endpoint
github.com · 2026-04-04

Based on the provided webpage screenshot, here is a summary of the vulnerability: **Vulnerability Overview** * **Vulnerability Name**: Server-Side Request Forgery (SSRF) via REST Connect with Empty De…

ZimaOS CVE-2023-28788 SSRF via Cloudflare Tunnel
github.com · 2026-04-04

# Vulnerability Summary: ZimaOS Cloudflare Tunnel SSRF Vulnerability **Vulnerability Overview** * **Vulnerability Name:** Arbitrary internal service access via /v1/sys/proxy when Cloudflare Tunnel is enabled on ZimaOS * **CVE ID:** CVE-2023-28788 * **Severity:** Cr…

prompts.chat SSRF via Fal.ai Media Status Polling
www.vulncheck.com · 2026-04-04

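# Vulnerability Summary **Vulnerability Name**: prompts.chat SSRF via Fal.ai Media Status Polling **Vulnerability Overview**: prompts.chat (Product ID: 204644) contains a Server-Side Request Forgery (SSRF) vulnerability in its Fal.ai media status polling feature. **Impact Scope**: - **Affected Product**: prompts.chat - **Vulnerability Type**: SSRF (Ser…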

Wire InputImageLayer1 Blind SSRF via Unvalidated URL Scheme
github.com · 2026-04-04

# Security Report Summary: Wire InputImageLayer1 Blind SSRF ## Vulnerability Overview - **Name:** Wire InputImageLayer1 Blind SSRF - **Type:** Blind Server-Side Request Forgery (SSRF) - **Root Cause:*…

Blind SSRF in prompts.chat media-generate feature
www.vulncheck.com · 2026-04-04

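### Vulnerability Summary **Vulnerability Overview** * **Vulnerability Name:** prompts.chat Blind SSRF via media-generate * **Vulnerability Type:** Blind SSRF (Server-Side Request Forgery) * **Description:** The `media-generate` feature of prompts.chat contains a blind SSRF vulnerability. Unauthorized users (unprivileged use…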

Falai SSRF Vulnerability and AWS Credential Leakage Analysis
gist.github.com · 2026-04-04

# Falai Media Status Polling SSRF & Credential Leakage Vulnerability Summary ### Vulnerability Overview * **Vulnerability Name**: SSRF & Credential Leakage via Falai Media Status Polling * **Vulnerabi…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
