Security Intel Hub 478 — Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Vexa Webhook SSRF Vulnerability Analysis and Reproduction
github.com · 2026-04-21

# SSRF Vulnerability Summary: Vexa Webhook Feature ## Vulnerability Overview - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Affected Component**: Vexa Webhook Feature - **Description…

LMdeploy VL Module SSRF Vulnerability and Fix
github.com · 2026-04-21

# Vulnerability Summary: SSRF Vulnerability in LMdeploy Visual Language Model ## Overview In the visual language module of LMdeploy, the `load_image()` function contains a Server-Side Request Forgery …

lmdeploy SSRF Vulnerability Fix and is_safe_url Implementation
github.com · 2026-04-21

# Vulnerability Summary ## Vulnerability Overview This submission fixes security vulnerabilities in the `InternLM/lmdeploy` project, mainly involving **missing URL safety validation** and **improper …

InternLM lmdeploy SSRF and Code Execution Vulnerability Fix Guide
github.com · 2026-04-21

# Vulnerability Summary ## Overview - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Description**: The `eval` function is used in PyTorch configuration parsing, posing a security risk…

CVE-2026-35587: SSRF in Glances IP Plugin via public_api leads to credential leakage
github.com · 2026-04-21

# Vulnerability Summary ## Vulnerability Overview - **Vulnerability Name**: SSRF in Glances IP Plugin via public_api leads to credential leakage - **CVE ID**: CVE-2026-35587 - **Vulnerability Type**: …

CVE-2024-35387: Glances IP Plugin SSRF Leads to Credential Leakage
github.com · 2026-04-21

# SSRF in Glances IP Plugin via public_api leads to credential leakage ## Vulnerability Overview * **Vulnerability Type**: Server-Side Request Forgery (SSRF) and Credential Leakage. * **Affected Compo…

OpenClaw Ollama SSRF Vulnerability and Fix
github.com · 2026-04-21

# Vulnerability Summary ## Vulnerability Overview There is a security vulnerability in the Ollama network requests within the OpenClaw project. This vulnerability allows an attacker to bypass security…

FreeScout <1.8.213 Authenticated SSRF Vulnerability and Patch Details
github.com · 2026-04-22

# SSRF via IMAP/SMTP Connection Test Endpoints ## Vulnerability Overview The FreeScout email system has a Server-Side Request Forgery (SSRF) vulnerability. In the IMAP/SMTP connection test feature, th…

Ragas Path Traversal and SSRF via Incomplete CVE-2025-45691 Patch
vuldb.com · 2026-04-20

# Vulnerability Summary ## Overview - **Vulnerability ID**: Submit #791088 - **Vulnerability Title**: Exploding Gradients ragas latest (commit 2b38724) Path Traversal / Server-Side Request Forgery (CW…

AgentScope <=1.0.18 Blind SSRF Vulnerability Analysis
vuldb.com · 2026-04-20

# Vulnerability Summary ## Overview - **Vulnerability ID**: #792224 - **Vulnerability Name**: AgentScope <= 1.0.18 Server-Side Request Forgery (CWE-918) - **Vulnerability Type**: Blind Server-Side Req…

AgentScope Blind SSRF via Multimodal Tool Prompt Injection (CWE-918)
gist.github.com · 2026-04-20

### Vulnerability Overview - **Title**: Blind SSRF Exploited via Multimodal Tool Functions Through Prompt Injection - **Description**: In AgentScope, multimodal tool functions such as `_parse_url()`, …

AgentScope SSRF/LFI/DoS Vulnerability Analysis
gist.github.com · 2026-04-20

# Vulnerability Summary: AgentScope Audio Playback SSRF & LFI ## Overview **Title**: Blind SSRF + Local File Inclusion (LFI) + Denial of Service (DoS) **Source**: The `AgentBase._process_audio_block()…

LangGenius Dify <=0.6.9 Blind SSRF Vulnerability in ApiToolManageService
vuldb.com · 2026-04-20

### Vulnerability Overview - **Vulnerability ID**: #792231 - **Vulnerability Name**: LangGenius Dify <= 0.6.9 Server-Side Request Forgery (CWE-918) - **Vulnerability Type**: Server-Side Request Forger…

Dify SSRF Vulnerability (CVE-2026-6617) Analysis and POC
vuldb.com · 2026-04-20

### Vulnerability Overview - **Vulnerability Name**: CVE-2026-6617 - **Vulnerability Type**: Server-side request forgery (SSRF) - **Vulnerability Description**: A vulnerability was discovered in the `…

Blind SSRF in Dify <=0.6.9 via API Tool Remote Schema Fetch
gist.github.com · 2026-04-20

# Vulnerability Summary: Blind SSRF in Remote Schema Retrieval of API Tool ## Overview - **Title**: Blind Server-Side Request Forgery (SSRF) in Remote Schema Retrieval of API Tool - **Description**: A…

SuperAGI WebScraperTool Full SSRF Vulnerability and POC
gist.github.com · 2026-04-20

# Vulnerability Summary: SuperAGI WebScraperTool SSRF Vulnerability ## Overview **Title**: Full SSRF via WebScraperTool allows authenticated users to access internal services and cloud metadata **Desc…

Mogu Blog SSRF Vulnerability Analysis (CVE-2026-6625)
vuldb.com · 2026-04-20

### Vulnerability Overview - **Vulnerability Name**: moxi624 Mogu Blog v2 up to 5.2 Picture Storage Service LocalFileServiceImpl.java LocalFileServiceImpl.uploadPictureByUrl server-side request forger…

SSRF Vulnerability Fix Analysis: validateUrl Function Implementation Details
github.com · 2026-04-20

# Vulnerability Summary ## Overview - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Description**: Through the `EmbedProxy` feature, an attacker can craft malicious requests, causing …

Vvweb 1.0.8.1 Vulnerabilities: Unauth RCE, SSRF, Privilege Escalation
github.com · 2026-04-20

### Vulnerability Overview In Vvweb version 1.0.8.1, multiple security vulnerabilities have been discovered, mainly including: 1. **Unauthenticated Remote Code Execution Vulnerability**: Occurs via PH…

GeoNode Remote Document Upload SSRF Vulnerability and Fix
github.com · 2026-04-18

# GeoNode Remote Document Upload Thumbnail Generation Vulnerability ## Vulnerability Overview When uploading remote documents, GeoNode attempts to generate thumbnails for them. An attacker can craft a…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
