Security Intel Hub 477 — Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Red Hat python-kdcproxy Security Update: CVE-2025-59088 Unauthenticated SSRF and CVE-2025-59089 Remote DoS
access.redhat.com · 2025-11-14

## Critical Vulnerability Information ### Summary - RHSA-2025:21142: python-kdcproxy Security Update ### Type/Severity - Important ### Subject - An update for python-kdcproxy is now available for Red …

Red Hat python-kdcproxy Security Update: CVE-2025-59088 SSRF & CVE-2025-59089 DoS
access.redhat.com · 2025-11-14

### Critical Vulnerability Information - **Advisory ID**: RHSA-2025:21138 - **Release Date**: 2025-11-12 - **Update Date**: 2025-11-12 - **Severity**: Important #### Vulnerability Overview - **Title**…

Red Hat python-kdcproxy Unauthenticated SSRF and Remote DoS Fix (RHSA-2025:21140)
access.redhat.com · 2025-11-14

### Critical Vulnerability Information #### Vulnerability Identifier - RHSA-2025:21140 #### Release & Update - Release Date: 2025-11-12 - Update Date: 2025-11-12 #### Summary - Severity: idm:DL1 Secur…

Red Hat python-kdcproxy SSRF-induced DoS via Unbounded Memory Allocation (CVE-2025-59089)
access.redhat.com · 2025-11-14

## Key Information ### Description - **CVE**: CVE-2025-59089 - **Disclosure Date**: November 12, 2025 - **Severity**: Medium (CVSS v3 Base Score: 5.9) ### Vulnerability Details - **Description**: If a…

Red Hat python-kdcproxy SSRF Vulnerability (CVE-2025-59088) Advisory
access.redhat.com · 2025-11-14

### Critical Vulnerability Information - **CVE ID**: CVE-2025-59088 - **Release Date**: November 12, 2025 - **Severity**: Important - **CVSS v3 Score**: 8.6 #### Description If kdcproxy receives a req…

OneNav v0.9.35 SSRF Vulnerability in get_link_info API with PoC
github.com · 2025-11-13

### Key Information Summary - **Vulnerability Type**: SSRF (Server-Side Request Forgery) vulnerability - **Affected Version**: OneNav v0.9.35-20240318 - **Vulnerability Description**: - After gaining …

ikiwiki Aggregator Plugin SSRF Vulnerability (CVE-2019-9187) Fix
lists.debian.org · 2025-11-13

### Critical Vulnerability Information - **Package**: ikiwiki - **Version**: 3.20141016.4+deb8u1 - **CVE ID**: CVE-2019-9187 #### Vulnerability Description The maintainer of ikiwiki discovered that th…

GitLab CI Lint API SSRF Vulnerability (CVE-2021-39935) Patch Analysis
gitlab.com · 2025-11-12

# II. Key Vulnerability Information from Screenshot ## Title: - SSRF Patch for CI Lint API is Incomplete ## Type: - Security, Bug ## Severity: - Priority 3 (Moderate) ## CVE: - CWE-918 (SSRF) ##…

SSRF in Soft-Serve Webhooks (CVE-2025-64522)
github.com · 2025-11-11

### SSRF in Webhooks **Severity:** High (7.7 / 10) #### Package - **Repository:** github.com/charmbracelet/soft-serve (Go) - **Affected Versions:** < v0.11.0 - **Patched Versions:** v0.11.1 #### Descr…

OpenClinica XXE Vulnerability: Local File Disclosure and SSRF via XML Import
github.com · 2025-11-11

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: XML External Entity (XXE) - **Impact**: File disclosure and potential Server-Side Request Forgery (SSRF) ##…

Fix SSRF: Disable HTTP redirects in Go client
github.com · 2025-11-10

- **Commit Information:** - Commit Hash: `f40135d` - Committed by: `gabek` - Date: April 25, 2023 - Commit Message: `fix: disable redirects to guard against possible SSRFs` - **Files Changed:** - `act…

Parse Server SSRF Vulnerability (CVE-2025-64430) Advisory
github.com · 2025-11-09

## Critical Vulnerability Information ### Vulnerability Overview - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Affected Function**: File Upload via URI Format - **Affected Versions*…

CVE-2025-64327: Blind SSRF in /api/ping (<=0.6.7)
github.com · 2025-11-09

### Critical Vulnerability Information #### Vulnerability Overview - **Type**: Blind Server-Side Request Forgery (SSRF) - **Affected Versions**: <= 0.6.7 - **Fixed Version**: 0.6.8 - **CVE ID**: CVE-2…

MetInfo CMS <8.1 XXE/SSRF Vulnerability Analysis and PoC
github.com · 2025-11-09

### Critical Vulnerability Information #### 1. Vulnerability Overview - **Type**: Server-Side Request Forgery (SSRF) vulnerability, achieved through XML External Entity (XXE) injection. - **Affected S…

MetInfo CMS XXE Leading to SSRF Vulnerability Analysis
github.com · 2025-11-09

### Vulnerability Overview - **Vulnerability Name**: SSRF Vulnerability Exploited via XXE Injection in MetInfo - **Summary**: - SSRF vulnerability is achieved through XML External Entity (XXE) injecti…

SSRF Vulnerability in /api/proxy/ targetUrl Parameter: Exploit and Fix
github.com · 2025-11-09

### Critical Vulnerability Information #### Description - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Cause**: The `targetUrl` parameter in the `/api/proxy/` endpoint is exposed, al…

PostgreSQL dblink Abuse for Privilege Escalation and SSRF Analysis
www.leidecker.info · 2025-11-09

### 1. **PostgreSQL dblink Exploitation** - **Abuse of dblink Functionality**: - dblink is a PostgreSQL li…

Cisco Security Advisory: Critical RCE, SSRF, DoS Vulnerabilities in ASA, ISE, Contact Center (CVE-2025-20333, etc.)
tools.cisco.com · 2025-11-09

### Critical Vulnerability Information - **Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability** -…

Synology Download Station Command Injection & SSRF Vulnerabilities (CVE-2021-34809/34810/34811)
www.synology.com · 2025-11-07

### Key Information Summary - **Vulnerability IDs:** - CVE-2021-34809 - CVE-2021-34810 - CVE-2021-34811 - **Severity:** - Important - **CVE Details:** - **CVE-2021-34809:** - CVSS3 Base Score: 9.9 - C…

SAP HANA/NetWeaver/Basis Security Bulletin: Multiple Vulnerabilities (RCE, SSRF, DOS)
www.onapsis.com · 2025-11-07

### Key Information #### 1. Open Redirect in SAP HANA XSA UAA Server - **Affected System**: SAP HANA - **Severity**: High - **Date**: 09/15/2025 - **Description**: This vulnerability allows remote att…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
