Threats Tagged 'cve-2026-41060'
View all threats tagged with 'cve-2026-41060'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-41060'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-41060: CWE-918: Server-Side Request Forgery (SSRF) in WWBN AVideoCVE-2026-41060 0 CVE-2026-41060 is a Server-Side Request Forgery (SSRF) vulnerability in WWBN AVideo versions 29. 0 and below. The vulnerability arises from the isSSRFSafeURL() function, which incorrectly allows URLs with the same hostname as the site to bypass SSRF protections regardless of port. This enables attackers to access arbitrary ports on the AVideo server. The response from such requests is saved to a web-accessible location, allowing attackers to exfiltrate data. A fix for this issue is available in commit a0156a6398362086390d949190f9d52a823000ba. Join the discussion | CVE Database V5 | 04/21/2026, 22:44:44 UTC Added: 04/22/2026, 05:33:53 UTC |
Showing 1 to 1 of 1 result