Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 477— Search: SSRF×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Unauthenticated SSRF and LFI in mogu_blog_v2 via /file/uploadPicsByUrl
github.com · 2025-12-04

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Unauthenticated SSRF and Local File Inclusion - **Affected Project**: mogu_blog_v2 - **Reporter**: sh7err@v…

Read more
ZenTao 21.7.6 SSRF in ai::modelTestConnection via base parameter
github.com · 2025-12-04

### Key Information Summary #### Vulnerability Overview - **Vulnerability Name**: ZenTao Test Connection SSRF Vulnerability - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Severity**:…

Read more
XunRui CMS v4.7.1 SSRF Vulnerability in Domain Binding
github.com · 2025-12-05

From the screenshot of this webpage, we can extract the following key information about the vulnerability: ### Overview - **Title**: xunruicms-test_site_domain-SSRF - **Description**: The XunRui CMS s…

Read more
XunruiCMS <=4.7.1 SSRF Vulnerability Advisory
vuldb.com · 2025-12-05

- **Vendor/Product:** Sichuan Xunrui Cloud Software Development Co., Ltd x - **Vulnerable Versions:** <=4.7.1 - **Vulnerability Type:** Server-Side Request Forgery (SSRF) - **Description:** An SSRF vu…

Read more
CVE-2025-65958 SSRF Vulnerability Analysis and PoC
github.com · 2025-12-05

### Key Information Summary - **Vulnerability Name**: Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in `/api/v1/retrieval/process/web` - **CVE ID**: CVE-2025-65958 - **Severity**: Hi…

Read more
LibreChat SSRF Vulnerability Analysis (CVE-2025-66201)
github.com · 2025-12-05

## Critical Vulnerability Information ### Vulnerability Type - **Server-side Request Forgery (SSRF)** ### Affected Versions - **< 0.8.1-rc2** ### Fixed Version - **0.8.1-rc2** ### Vulnerability Descri…

Read more
PublicCMS V5 SSRF Vulnerability Analysis (CVE-2025-65836)
github.com · 2025-12-06

### Key Information Summary - **CVE ID**: CVE-2025-65836 - **Affected Software**: PublicCMS V5.202506.b - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Component**: `chat` in…

Read more
xerrors Yuxi-Know SSRF Vulnerability Analysis (CVE-2025-14116)
vuldb.com · 2025-12-06

### Vulnerability Key Information - **CVE ID**: CVE-2025-14116 - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **CVSS Meta Temp Score**: 4.2 - **Current Exploit Price**: $0-$5k - **CTI …

Read more
Ilevia EVE X1 Server CVE-2025-60738 RCE and SSRF Vulnerability
github.com · 2025-11-21

### Key Information #### Vulnerability Overview - **CVE ID**: CVE-2025-60738 - **Project**: Ilevia EVE X1 Server - **Affected Versions**: Firmware Version <= 4.7.18.0.eden and Logic Version <= 6.00 - …

Read more
UnForm Server <10.1.15 Unauthenticated File Read and SSRF via Doc Flow (CVE-2025-34350)
www.vulncheck.com · 2025-11-26

### Key Information Summary #### Title UnForm Server < 10.1.15 Doc Flow Unauthenticated File Read #### Severity HIGH #### Date November 25, 2025 #### Affected Software Versions - UnForm Server < 10.1.…

Read more
Minder CVE-2025-65109: Rego http.send not sandboxed leading to SSRF
github.com · 2025-11-22

## Key Vulnerability Information - **Title**: Minder does not sandbox `http.send` in Rego programs - **Severity**: High (8.5/10) - **CVE ID**: CVE-2025-65109 - **CVE Weakness**: CWE-830: Use of Privil…

Read more
NVIDIA NeMo Agent Toolkit SSRF Vulnerability (CVE-2025-33203)
www.cve.org · 2025-11-26

- **CVE ID**: CVE-2025-33203 - **Published Date**: 2025-11-25 - **Updated Date**: 2025-11-25 - **Description**: The NVIDIA NeMo Agent Toolkit UI for Web has a vulnerability in the chat API endpoint th…

Read more
Cisco Security Advisories: Multiple Vulnerabilities including RCE, PE, SSRF (CVE-2025-20289, etc.)
tools.cisco.com · 2025-11-19

### Cisco Security Advisories | Advisory | Impact | CVE | Last Updated | Version | | --- | --- | --- | --- | --- | | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Discl…

Read more
Node.js SSRF Vulnerability and Needle Library Undefined Reference Crash Analysis
github.com · 2025-11-20

## Critical Vulnerability Information ### Vulnerability Type - SSRF (Server-Side Request Forgery) ### Vulnerability Description - The research page intentionally exposes an SSRF vulnerability, allowin…

Read more
Cisco Security Advisory: Multiple Vulnerabilities including RCE, PE, SSRF (CVE-2025-20289, CVE-2025-20363, etc.)
tools.cisco.com · 2025-11-20

## Critical Vulnerability Information | Vulnerability Description | Impact Level | CVE ID | Last Updated Date | Version | | --- | --- | --- | --- | --- | | Cisco Identity Services Engine Reflected Cro…

Read more
OpenEMR CVE-2024-26476 Blind SSRF via HTML Injection in PDF Generator
github.com · 2025-11-20

# CVE-2024-26476 - OpenEMR Blind SSRF via HTML Injection in PDF Generator (mPDF) ## Key Information - **CVE ID**: CVE-2024-26476 - **Vulnerable Product**: OpenEMR - **Vulnerable Version**: ``` ## Repo…

Read more
i-librarian SSRF Vulnerability Fix Details
github.com · 2025-11-20

### Key Information - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Discovery Date**: March 15, 2018 - **Affected Code Location**: `i-librarian/functions.php`, line 811 - **Issue**: T…

Read more
Zammad SSRF via GitHub/GitLab Integration (CVE-2021-42091)
zammad.com · 2025-11-19

- **ID:** ZAA-2021-08 - **Date:** 10/05/2020 - **Title:** Server Side Request Forgery via GitHub/GitLab Integration - **Severity:** medium - **Product:** Zammad 1.0.x up to 4.1.0 - **Fixed in:** Zamma…

Read more
Jenkins Plugin Security Advisories: CVE-2020-2320 to 2324 (CSRF, SSRF, Auth Bypass)
www.jenkins.io · 2025-11-19

```md ## Critical Vulnerability Information ### Vulnerability Overview - The document lists several critical vulnerabilities in Jenkins deliverables. ### Vulnerability Description #### CVSS Vulnerabil…

Read more
Apache Batik/FOP/XMLGraphics Commons SSRF/XXE/Deserialization Vulnerability Advisory
xmlgraphics.apache.org · 2025-11-14

- **Apache™ Batik Project Security:** - CVE-2022-44729 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-44730 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-42890 / SSRF vulnerability / Fi…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.