Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 477— Search: SSRF×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
GHSA-jcc6-f9v6-f7jw: Authenticated Full Read SSRF via Favicon Fetching (CVE-2026-27706)
github.com · 2026-02-26

### Key Information #### Vulnerability Details - **Title**: Full Read SSRF via Favicon Fetching in "Add Link" Feature - **ID**: GHSA-jcc6-f9v6-f7jw - **Publisher**: sriramveeraghanta - **Published**: …

Read more
SSRF Vulnerability Principles and Defense Checklist
developer.mozilla.org · 2026-02-26

### Key Information on SSRF Vulnerabilities - **Definition**: - Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to force a server to make arbitrary network requests. Sinc…

Read more
OpenKruise CVE-2026-24005 SSRF via Unrestricted Host Field
github.com · 2026-02-26

### Vulnerability Key Information - **CVE ID**: CVE-2026-24005 - **Vulnerability Type**: SSRF (Server-Side Request Forgery) via Unrestricted Host Field - **Affected Versions**: <v1.8.0 - **Fixed Versi…

Read more
Dinky FlinkProxyController SSRF Vulnerability Analysis
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Read more
CVE-2026-25545: SSRF in @astrojs/node via Host Header Injection with PoC
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Form…

Read more
Craft CMS SSRF Fix via IPv6 Prefix Filtering (GHSA-v2gc-rm6g-wrw9)
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary into English. * **Role:** Professional translator specializing in cybersecurity. * **Co…

Read more
JEEWMS v3.7 UEditor SSRF Vulnerability in getRemoteImage.jsp
www.notion.so · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Inpu…

Read more
LibreDesk Webhooks SSRF Vulnerability (CVE-2026-26957) Analysis and Exploitation
github.com · 2026-02-21

## SSRF Vulnerability in Webhooks ### Key Information **Package:** LibreDesk **Affected Versions:** Latest **Patched Versions:** None **CVE ID:** CVE-2026-26957 **Severity:** Medium **Weaknesses:** CW…

Read more
DataLinkDC dinky SSRF Vulnerability Analysis (CVE-2026-3052)
vuldb.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Inpu…

Read more
Dinky FlinkProxyController SSRF Vulnerability Analysis
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Read more
Hugging Face smolagents LocalPythonExecutor SSRF Vulnerability Analysis
github.com · 2026-02-21

## Key Information ### Affected Products - **Product**: smolagents - **Vendor**: Hugging Face - **Vulnerable Component**: LocalPythonExecutor ### Affected Versions V1.x ### Vulnerability Type - SSRF (…

Read more
ClipBucket V5 SSRF Vulnerability (CVE-2026-26005) Analysis and Internal Network Scanning
github.com · 2026-02-21

### Key Information #### Vulnerability Description - **Title**: Internal network scan via an SSRF vulnerability - **Affected Versions**: = 5.5.3 - #45 - **Severity**: Moderate (5.0/10) - **CVE ID**: C…

Read more
Fix SSRF in Test LLM API Endpoint via Fixed Response Time
github.com · 2026-02-21

### Key Information - **PR Type**: Bug fix, Enhancement - **Description**: - Added a fixed response time (10 seconds) to prevent SSRF port scanning - Implemented delays in both success and error paths…

Read more
SoftVision webPDF SSRF Leading to LFI Vulnerability (CVE-2025-55853) Analysis
github.com · 2026-02-21

## CVE-2025-55853 - Local File Inclusion via Server Side Request Forgery ### About SoftVision webPDF versions prior to 10.0.2 are vulnerable to Server-Side Request Forgery (SSRF). ### Key Information …

Read more
SSRF Vulnerability in /api/download Endpoint
github.com · 2026-02-21

### Key Information #### Vulnerability Description - The `/api/download` endpoint accepts a URL parameter provided by the user without any security validation. It directly uses `http.Get()` to initiat…

Read more
worldquant-miner v1.0.9 SSRF Vulnerability in /console/api/remote-files
github.com · 2026-02-21

## Key Information - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Affected Version**: worldquant-miner v1.0.9 - **Vulnerable Endpoint**: `/console/api/remote-files` - **Vulnerability…

Read more
NetApp StorageGRID SSRF Vulnerability Advisory (CVE-2026-22048)
security.netapp.com · 2026-02-21

- **Vulnerability ID**: CVE-2026-22048 - **Advisory ID**: NTAP-20260217-0001 - **Affected Product**: StorageGRID (formerly StorageGRID Webscale) - **Vulnerable Versions**: Prior to 11.9.0.12 and 12.0.…

Read more
OpenSift SSRF Vulnerability (CVE-2026-27170) Fix Details
github.com · 2026-02-21

### Vulnerability Key Information #### Vulnerability Description - **Vulnerability Name**: SSRF risk in OpenSift URL ingestion endpoint - **CVE ID**: CVE-2026-27170 - **Release Date**: 2 days ago - **…

Read more
Alfresco Transform Service Vulnerabilities: CVE-2026-26337/338/339 (RCE, SSRF, Path Traversal)
connect.hyland.com · 2026-02-21

- **CVE-2026-26337**: Absolute Path Traversal (Arbitrary File Read + SSRF) - Impact: Arbitrary file read and server-side request forgery (SSRF) - Affected Components: Alfresco Transform Service (ATS),…

Read more
SPIP <4.4.9 Blind SSRF Vulnerability (CVE-2026-27472)
www.vulncheck.com · 2026-02-21

- **Title**: SPIP < 4.4.9 Blind Server-Side Request Forgery via Syndicated Sites - **Severity**: Medium - **Date**: 2026-02-19 - **CVE ID**: CVE-2026-27472 - **CVSS V4 Base Score**: 4.4 - **CVSS V4 Ve…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.