Security Intel Hub 477— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

SSRF in Astro Cloudflare Adapter via /_image endpoint (CVE-2025-58179)
github.com · 2025-09-05

### Critical Vulnerability Information #### Vulnerability Name Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter #### Affected Versions - Affected Versions: >=11.0.3 - Fixed…

rebuild 0.7.7 Arbitrary File Read and SSRF Vulnerability Analysis
github.com · 2025-08-26

### Key Information Summary #### Vulnerability Type - **Incorrect Access Control** - **SSRF (Server-Side Request Forgery)** #### Affected Versions - **rebuild 0.7.7** #### Vulnerability Description 1.…

PhpSpreadsheet SSRF Vulnerability Analysis (CWE-918)
github.com · 2025-08-26

### Key Information #### Vulnerability Type - **SSRF (Server-Side Request Forgery)** #### Affected Versions - **Affected Versions**: = 2.0.0 = 3.0.0 = 4.0.0 <5.0.0 - **Fixed Versions**: 1.3.0, 2.1.12,…

Drupal AI SEO Link Advisor SSRF Vulnerability (CVE-2025-8675)
www.drupal.org · 2025-08-17

### Critical Vulnerability Information - **Project**: AI SEO Link Advisor - **Date**: 2025-08-06 - **Security Risk**: Less critical (8/25 AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:All) - **Vuln…

MCCMS v2.7.0 SSRF Vulnerability Analysis
github.com · 2025-08-07

### Key Information - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Affected Version**: MCCMS v2.7.0 - **Test Environment**: Apache 2.4, MySQL 5.7, PHP 7.3 - **Discovery Date**: Augus…

stirling-pdf SSRF Vulnerability (CVE-2025-55161) with PoC
github.com · 2025-08-13

### Key Information #### Vulnerability Overview - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Package**: `stirling-pdf` (Maven) - **Affected Versions**: All versions - **Fi…

Liferay Portal/DXP Blind SSRF Vulnerability (CVE-2025-4581) Advisory
liferay.dev · 2025-08-11

## Critical Vulnerability Information ### Vulnerability Identifier - **CVE ID**: CVE-2025-4581 ### Vulnerability Description - **Type**: Blind SSRF (Server-Side Request Forgery) - **Location**: portal…

Astro _image Endpoint SSRF Vulnerability (CVE-2025-55303)
github.com · 2025-08-23

### Key Information #### Vulnerability Overview - **Vulnerability Name**: Unauthorized third-party images in Astro’s _image endpoint - **Severity**: High - **CVE ID**: CVE-2025-55303 - **Affected Vers…

Vvweb 1.0.5 Editor Privilege SSRF Vulnerability Analysis
hkohi.ca · 2025-08-07

### Key Information #### Details - **Software Type**: Web App - **Software Name**: Vvweb - **Affected Version**: 1.0.5 - **Software Vendor**: Vvweb - **Software Link**: https://github.com/givenz/Vvweb…

xboot v3.3.4 SSRF Vulnerability in Swagger Login Endpoint with POC
github.com · 2025-08-07

### Key Information #### Vulnerability Type - SSRF (Server-Side Request Forgery) #### Affected Version - xboot v3.3.4 #### Vulnerability Location - `/xboot/common/swagger/login` #### Vulnerability Cau…

Favorites SSRF Vulnerability in /collect/getCollectLogoUrl
github.com · 2025-08-07

### Key Information #### Vulnerability Type - SSRF (Server-Side Request Forgery) #### Affected Versions - <= v1.3.0 #### Vulnerability Description - An SSRF vulnerability was discovered on the `/colle…

stirling-pdf SSRF Vulnerability (CVE-2025-55150) with PoC
github.com · 2025-08-13

### Key Information #### Vulnerability Overview - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Package**: `stirling-pdf` (Maven) - **Affected Versions**: All versions - **Fi…

xboot v3.3.4 SSRF Vulnerability in /swagger/login Endpoint with POC
github.com · 2025-08-07

### Key Information #### Vulnerability Overview - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Version**: xboot v3.3.4 - **Affected Endpoint**: `/xboot/common/swagger/login`…

Favorites App SSRF Vulnerability in /collect/getCollectLogoUrl (<=v1.3.0) with POC
github.com · 2025-08-08

### Key Information #### Vulnerability Type - SSRF (Server-Side Request Forgery) #### Affected Versions - <= v1.3.0 #### Vulnerability Description - In the `/collect/getCollectLogoUrl` interface, the …

CVE-2025-54590: Blind SSRF in webfinger.js npm package
github.com · 2025-08-03

### Key Information #### Vulnerability Overview - **Vulnerability Type**: Blind SSRF - **Affected Package**: webfinger.js (npm) - **Affected Versions**: <= 2.8.0 - **Fixed Version**: 2.8.1 - **Severit…

Evoe URVE Web Manager SSRF Vulnerability (CVE-2025-36845)
www.syss.de · 2025-07-26

### Critical Vulnerability Information - **Advisory ID**: SYSS-2025-035 - **Product**: URVE Web Manager - **Manufacturer**: Evoe - **Affected Version(s)**: 27.02.2025 - **Tested Version(s)**: 27.02.20…

Cisco Talos: MedDream PACS Premium SSRF Vulnerability (CVE-2025-2485) Analysis
talosintelligence.com · 2025-07-30

### Key Information #### Vulnerability Overview - **Vulnerability ID**: TALOS-2025-2177 - **CVE ID**: CVE-2025-2485 - **Type**: Server-Side Request Forgery (SSRF) - **Affected Product**: MedDream PACS…

XXL-Job SSRF Vulnerability Analysis (Pre-Auth/HttpJobHandler)
github.com · 2025-07-19

### Key Information #### Vulnerability Type - SSRF (Server-Side Request Forgery) #### Affected Versions - xxl-job version 2.3.0 and earlier #### Vulnerability Description - In the `HttpJobHandler` cla…

PHP fsockopen() Null Byte Termination SSRF (CVE-2023-4730)
github.com · 2025-07-15

### Key Information #### Vulnerability Name - Null byte termination in hostnames #### Affected Versions - < 8.1.33 - < 8.2.29 - < 8.3.23 - < 8.4.10 #### Fixed Versions - 8.1.33 - 8.2.29 - 8.3.23 - 8.4…

Nimesa Backup and Recovery OS Command Injection and SSRF Vulnerabilities (CVE-2025-48501/CVE-2025-53473)
jvn.jp · 2025-07-12

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability ID**: JVN#88251376 - **Product**: Nimesa Backup and Recovery - **Release Date**: 2025/07/07 - **Update Date**: 2025…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
