Reddit NetSec

CVE Database V5

AlienVault OTX General

Exploit-DB RSS Feed

Reddit InfoSec News

ThreatFox MISP Feed

CIRCL OSINT Feed

AlienVault OTX Vulnerabilities

AlienVault OTX Malware

A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit component of the langchain-community package (specifically, langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit) in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does not enforce restrictions on requests to remote internet addresses, allowing it to also access local addresses. As a result, an attacker could exploit this flaw to perform port scans, access local services, retrieve instance metadata from cloud environments (e.g., Azure, AWS), and interact with servers on the local network. This issue has been fixed in version 0.0.28.

CVE-2025-2828 is a high-severity Server-Side Request Forgery (SSRF) vulnerability identified in the RequestsToolkit component of the langchain-community package, specifically within langchain_community.agent_toolkits.openapi.toolkit.RequestsToolkit, part of the langchain-ai/langchain project version 0.0.27. SSRF vulnerabilities allow an attacker to induce the server-side application to make HTTP requests to arbitrary domains, including internal network addresses that are typically inaccessible from outside. In this case, the vulnerability arises because the RequestsToolkit does not impose restrictions on the destination of outgoing requests, permitting access to both remote internet addresses and local network addresses. This lack of validation enables attackers to perform several malicious actions: conducting port scans on internal networks, accessing local services that may not be exposed externally, retrieving sensitive instance metadata from cloud environments such as AWS or Azure (which often contain credentials or configuration data), and interacting with other servers within the local network environment. The vulnerability has been assigned a CVSS v3.0 base score of 8.4, indicating a high level of severity. The vector string (AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H) shows that the attack can be performed remotely over the network with low attack complexity but requires high privileges and user interaction, and it affects confidentiality, integrity, and availability with a scope change. The issue was addressed and fixed in langchain-ai/langchain version 0.0.28. No known exploits have been reported in the wild as of the publication date (June 23, 2025).

Detailed information about CVE-2025-2828: CWE-918 Server-Side Request Forgery (SSRF) in langchain-ai langchain-ai/langchain affecting langchain-ai langchain-ai/

CVE-2025-2828: CWE-918 Server-Side Request Forgery (SSRF) in langchain-ai langchain-ai/langchain - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-2828: CWE-918 Server-Side Request Forgery (SSRF) in langchain-ai langchain-ai/langchain

gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.

CVE-2025-52967 is a Server-Side Request Forgery (SSRF) vulnerability identified in the MLflow product developed by lfprojects. Specifically, the vulnerability exists in the gateway_proxy_handler component of MLflow versions prior to 3.1.0, where there is a lack of validation on the gateway_path parameter. SSRF vulnerabilities allow an attacker to induce the server to make HTTP requests to arbitrary domains or internal systems that the attacker cannot directly access. In this case, due to insufficient validation, an attacker can craft requests that cause the MLflow server to send requests to internal or external network resources on behalf of the server. The CVSS 3.1 base score is 5.8 (medium severity), with the vector indicating that the attack can be performed remotely (AV:N), requires no privileges (PR:N), and no user interaction (UI:N). The impact is limited to integrity (I:L) with no confidentiality or availability impact, and the scope is changed (S:C), meaning the vulnerability affects components beyond the initially vulnerable component. No known exploits are currently reported in the wild, and no official patches or mitigations have been linked yet. MLflow is an open-source platform widely used for managing the machine learning lifecycle, including experimentation, reproducibility, deployment, and a central model registry. The gateway_proxy_handler is likely used to proxy requests to other services or internal APIs, and the lack of validation on the gateway_path parameter can be abused to perform SSRF attacks, potentially allowing attackers to access internal services, bypass firewalls, or perform further attacks within the network environment hosting MLflow. Given the nature of MLflow deployments, which often reside within enterprise environments and cloud infrastructure, this vulnerability could be leveraged to pivot into internal networks or access sensitive internal APIs that are not exposed externally. However, the absence of confidentiality and availability impacts suggests that direct data leakage or denial of service is not the primary concern, but integrity impacts could include unauthorized modification or triggering of internal services or workflows.

Detailed information about CVE-2025-52967: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-52967: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-52967: CWE-918 Server-Side Request Forgery (SSRF) in lfprojects MLflow

Server-Side Request Forgery (SSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Server Side Request Forgery. This issue affects Post and Page Builder by BoldGrid – Visual Drag and Drop Editor: from n/a through 1.27.8.

CVE-2025-52713 is a Server-Side Request Forgery (SSRF) vulnerability identified in the BoldGrid Post and Page Builder plugin, a visual drag-and-drop editor used for WordPress websites. This vulnerability affects versions up to and including 1.27.8. SSRF vulnerabilities occur when an attacker can manipulate a server to make unintended HTTP requests, potentially allowing access to internal resources or sensitive information that is otherwise inaccessible externally. In this case, the vulnerability allows an authenticated user with at least low privileges (PR:L) to induce the server to send crafted requests to arbitrary URLs without requiring any user interaction (UI:N). The CVSS 3.1 base score is 6.4, indicating a medium severity level. The vector string (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) shows that the attack can be launched remotely over the network with low attack complexity, requires privileges, and results in partial confidentiality and integrity impacts, but no availability impact. The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. Although no public exploits are currently known, the vulnerability could be leveraged to access internal services, metadata endpoints, or sensitive backend systems, potentially leading to information disclosure or further compromise. The lack of a patch link suggests that a fix may not yet be publicly available or is pending release. Given the plugin’s integration with WordPress, a widely used CMS, the vulnerability could be present on many websites using this plugin version, especially those that allow authenticated users to create or edit content with the builder.

Detailed information about CVE-2025-52713: CWE-918 Server-Side Request Forgery (SSRF) in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Edito

CVE-2025-52713: CWE-918 Server-Side Request Forgery (SSRF) in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-52713: CWE-918 Server-Side Request Forgery (SSRF) in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor

Server-Side Request Forgery (SSRF) vulnerability in Ali Irani Auto Upload Images allows Server Side Request Forgery. This issue affects Auto Upload Images: from n/a through 3.3.2.

CVE-2025-49985 is a Server-Side Request Forgery (SSRF) vulnerability identified in the Ali Irani Auto Upload Images plugin, affecting versions up to 3.3.2. SSRF vulnerabilities occur when an attacker can abuse a server functionality to make HTTP requests to arbitrary domains or internal systems, potentially bypassing network access controls. In this case, the vulnerability allows an attacker with low privileges (PR:L) and no user interaction (UI:N) to induce the server to send crafted requests to internal or external resources. The CVSS 3.1 base score is 4.9 (medium severity), reflecting a network attack vector (AV:N), high attack complexity (AC:H), and limited impact on confidentiality and integrity (C:L, I:L), with no impact on availability (A:N). The scope is changed (S:C), indicating that the vulnerability affects components beyond the initially vulnerable module, potentially impacting other parts of the system. Although no known exploits are currently reported in the wild and no patches have been published yet, the vulnerability could be leveraged to access internal services, gather sensitive information, or perform further attacks such as SSRF-based port scanning or exploiting trust relationships within internal networks. The lack of user interaction requirement and the ability to exploit remotely increase the risk profile, especially in environments where the plugin is deployed on publicly accessible web servers. The vulnerability is classified under CWE-918, which covers SSRF issues that can lead to unauthorized internal resource access or information disclosure. Given the plugin's role in handling image uploads, the SSRF vector likely involves manipulating URLs or upload parameters to trigger server-side requests to attacker-controlled or internal endpoints.

Detailed information about CVE-2025-49985: CWE-918 Server-Side Request Forgery (SSRF) in Ali Irani Auto Upload Images affecting Ali Irani Auto Upload Images. Ge

CVE-2025-49985: CWE-918 Server-Side Request Forgery (SSRF) in Ali Irani Auto Upload Images - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-49985: CWE-918 Server-Side Request Forgery (SSRF) in Ali Irani Auto Upload Images

Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows Server Side Request Forgery. This issue affects PowerPress Podcasting: from n/a through 11.12.11.

CVE-2025-49984 is a Server-Side Request Forgery (SSRF) vulnerability identified in the Angelo Mandato PowerPress Podcasting plugin, affecting versions up to and including 11.12.11. SSRF vulnerabilities occur when an attacker can abuse a server functionality to make HTTP requests to arbitrary domains or internal systems, potentially bypassing firewall restrictions and accessing sensitive internal resources. In this case, the PowerPress Podcasting plugin improperly validates or restricts URLs or network requests initiated by the server, allowing an attacker with at least low-level privileges to coerce the server into sending crafted requests to internal or external systems. The CVSS 3.1 base score of 4.9 (medium severity) reflects that the vulnerability requires network access (AV:N), has high attack complexity (AC:H), requires low privileges (PR:L), and no user interaction (UI:N). The impact affects confidentiality and integrity, but not availability, and the scope is changed (S:C), meaning the vulnerability can affect components beyond the initially vulnerable component. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is categorized under CWE-918, which specifically relates to SSRF issues. Given the plugin’s widespread use in podcasting websites, the vulnerability could be leveraged to access internal services, metadata endpoints, or other sensitive internal resources, potentially leading to information disclosure or further exploitation chains.

Detailed information about CVE-2025-49984: CWE-918 Server-Side Request Forgery (SSRF) in Angelo Mandato PowerPress Podcasting affecting Angelo Mandato PowerPres

CVE-2025-49984: CWE-918 Server-Side Request Forgery (SSRF) in Angelo Mandato PowerPress Podcasting - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-49984: CWE-918 Server-Side Request Forgery (SSRF) in Angelo Mandato PowerPress Podcasting

Server-Side Request Forgery (SSRF) vulnerability in Joe Hoyle WPThumb allows Server Side Request Forgery. This issue affects WPThumb: from n/a through 0.10.

CVE-2025-49983 is a Server-Side Request Forgery (SSRF) vulnerability identified in the WPThumb plugin developed by Joe Hoyle. WPThumb is a WordPress plugin designed to generate image thumbnails dynamically. The vulnerability affects versions up to 0.10, though exact version details are not fully specified. SSRF vulnerabilities occur when an attacker can manipulate a server-side application to make HTTP requests to arbitrary domains or internal systems, potentially bypassing firewall restrictions and accessing sensitive internal resources. In this case, the WPThumb plugin improperly validates or sanitizes user-supplied URLs or parameters used to fetch remote images for thumbnail generation. This allows an attacker to craft malicious requests that cause the server to initiate unintended HTTP requests to internal or external systems. The CVSS v3.1 base score is 4.9 (medium severity), with the vector indicating network attack vector (AV:N), high attack complexity (AC:H), low privileges required (PR:L), no user interaction (UI:N), scope changed (S:C), and low impact on confidentiality and integrity (C:L/I:L), with no impact on availability (A:N). The changed scope suggests that the vulnerability affects resources beyond the initially vulnerable component, potentially allowing access to other parts of the system or network. No known exploits are currently reported in the wild, and no patches have been published yet. The vulnerability was reserved and published in June 2025, indicating it is a recent discovery. SSRF vulnerabilities are particularly dangerous because they can be used to access internal services not exposed to the internet, perform port scanning, or leverage the server as a proxy for further attacks. Given WPThumb’s role in processing external image URLs, this vulnerability could be exploited by submitting crafted image URLs that trigger SSRF behavior.

Detailed information about CVE-2025-49983: CWE-918 Server-Side Request Forgery (SSRF) in Joe Hoyle WPThumb affecting Joe Hoyle WPThumb. Get real-time updates, t

CVE-2025-49983: CWE-918 Server-Side Request Forgery (SSRF) in Joe Hoyle WPThumb - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-49983: CWE-918 Server-Side Request Forgery (SSRF) in Joe Hoyle WPThumb

A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON POST parameters such as ipnotify_address and url, which are used by internal mechanisms to perform image fetch and DNS lookups. This allows remote unauthenticated attackers to induce the system to make arbitrary HTTP requests to internal or external systems, potentially bypassing firewall policies or conducting internal service enumeration.

CVE-2025-34021 is a high-severity server-side request forgery (SSRF) vulnerability affecting multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The vulnerability arises due to insufficient validation of user-supplied input in JSON POST parameters such as 'ipnotify_address' and 'url'. These parameters are used internally by the camera's software to perform image fetching and DNS lookups. Because the input is not properly sanitized or validated, an unauthenticated remote attacker can craft malicious requests that cause the camera to initiate arbitrary HTTP requests to internal or external network resources. This can lead to bypassing firewall restrictions and enable attackers to perform internal network reconnaissance or access otherwise inaccessible services. The vulnerability affects multiple firmware versions, including builds from 2019 through 2020 and CPS versions 3.x and 4.x. The CVSS 4.0 score is 7.8, indicating a high severity, with an attack vector of network, no required privileges or user interaction, and a high scope impact. No known exploits are currently reported in the wild, and no patches have been linked yet. The underlying weakness corresponds to CWE-918 (SSRF) and CWE-20 (Improper Input Validation). Given the nature of the vulnerability, attackers can leverage it to pivot into internal networks, potentially compromising confidentiality and integrity of internal systems or disrupting availability by targeting critical internal services or infrastructure components.

Detailed information about CVE-2025-34021: CWE-918 Server-Side Request Forgery (SSRF) in Selea Targa IP OCR-ANPR Camera affecting Selea Targa IP OCR-ANPR Camera

CVE-2025-34021: CWE-918 Server-Side Request Forgery (SSRF) in Selea Targa IP OCR-ANPR Camera - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-34021: CWE-918 Server-Side Request Forgery (SSRF) in Selea Targa IP OCR-ANPR Camera

PowSyBl (Power System Blocks) is a framework to build power system oriented software. Prior to version 6.7.2, in certain places, powsybl-core XML parsing is vulnerable to an XML external entity (XXE) attack and to a server-side request forgery (SSRF) attack. This allows an attacker to elevate their privileges to read files that they do not have permissions to, including sensitive files on the system. The vulnerable class is com.powsybl.commons.xml.XmlReader which is considered to be untrusted in use cases where untrusted users can submit their XML to the vulnerable methods. This can be a multi-tenant application that hosts many different users perhaps with different privilege levels. This issue has been patched in com.powsybl:powsybl-commons: 6.7.2.

CVE-2025-47293 is a security vulnerability identified in the powsybl-core component of the PowSyBl framework, which is used for building power system oriented software. The vulnerability arises from improper restriction of XML External Entity (XXE) references, classified under CWE-611, and also enables Server-Side Request Forgery (SSRF) attacks (CWE-918). Specifically, versions of powsybl-core prior to 6.7.2 contain an insecure XML parser implementation in the class com.powsybl.commons.xml.XmlReader. This parser does not adequately restrict or disable external entity resolution when processing XML input. In environments where untrusted users can submit XML data—such as multi-tenant applications hosting users with varying privilege levels—this flaw can be exploited to read arbitrary files on the server, including sensitive configuration or credential files. The SSRF aspect allows attackers to induce the server to make unauthorized network requests, potentially accessing internal resources not directly reachable by the attacker. The vulnerability does not require authentication or user interaction and can be triggered remotely by submitting crafted XML payloads. The issue was addressed and patched in version 6.7.2 of powsybl-commons. The CVSS v4.0 base score is 2.7, indicating a low severity primarily due to limited impact scope and ease of exploitation without authentication but with low confidentiality impact. No known exploits are currently reported in the wild. The vulnerability affects only versions prior to 6.7.2, so systems running updated versions are not vulnerable.

Detailed information about CVE-2025-47293: CWE-611: Improper Restriction of XML External Entity Reference in powsybl powsybl-core affecting powsybl powsybl-core

CVE-2025-47293: CWE-611: Improper Restriction of XML External Entity Reference in powsybl powsybl-core - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-47293: CWE-611: Improper Restriction of XML External Entity Reference in powsybl powsybl-core

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.  

Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that automatically apply Trend Micro's monthly maintenance releases to the SaaS instance do not have to take any further action.

CVE-2025-30680 is a Server-Side Request Forgery (SSRF) vulnerability identified in the SaaS version of Trend Micro Apex Central, a centralized security management platform widely used for managing endpoint and server security across enterprises. SSRF vulnerabilities occur when an attacker can manipulate server-side requests, causing the server to make unintended requests to internal or external resources. In this case, the vulnerability allows an attacker with at least limited privileges (PR:L - privileges required) to manipulate certain parameters in the SaaS Apex Central environment to induce the server to send crafted requests. This can lead to unauthorized information disclosure, potentially exposing sensitive internal data or metadata that should not be accessible externally. The vulnerability does not require user interaction (UI:N) and can be exploited remotely (AV:N) over the network, increasing its risk profile. The integrity impact is low (I:L), indicating limited ability to modify data, and availability is not affected (A:N). The vulnerability is scoped as unchanged (S:U), meaning the impact is confined to the vulnerable component. Since this affects only the SaaS instance of Apex Central, on-premises deployments are not vulnerable. Trend Micro’s monthly maintenance releases for the SaaS platform automatically address this issue, so customers who apply these updates do not need additional remediation. No known exploits are currently observed in the wild, but the CVSS score of 7.5 (high severity) reflects the significant risk posed by the vulnerability if exploited. The underlying weakness is classified as CWE-918, which relates to SSRF vulnerabilities that can be leveraged to bypass security controls and access internal resources or sensitive information.

Detailed information about CVE-2025-30680: CWE-918: SSRF in Trend Micro, Inc. Trend Micro Apex Central affecting Trend Micro, Inc. Trend Micro Apex Central. Get

CVE-2025-30680: CWE-918: SSRF in Trend Micro, Inc. Trend Micro Apex Central - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-30680: CWE-918: SSRF in Trend Micro, Inc. Trend Micro Apex Central

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.

CVE-2025-30679 is a Server-Side Request Forgery (SSRF) vulnerability identified in the modOSCE component of Trend Micro Apex Central (on-premise) version 8.0. SSRF vulnerabilities occur when an attacker can manipulate server-side requests to make the server perform unintended actions, often allowing access to internal resources or sensitive information that would otherwise be inaccessible. In this case, the vulnerability allows an unauthenticated attacker (no privileges required) to manipulate certain parameters that control server requests, potentially causing the Apex Central server to disclose sensitive information. The vulnerability has a CVSS v3.1 base score of 6.5, indicating a medium severity level. The attack vector is network-based (AV:N), requires low attack complexity (AC:L), no privileges (PR:N), but does require user interaction (UI:R), and impacts confidentiality (C:H) without affecting integrity or availability. The scope is unchanged (S:U), meaning the vulnerability affects only the vulnerable component without impacting other components or systems. No known exploits are reported in the wild as of the publication date (June 17, 2025), and no patches have been linked yet. The vulnerability is classified under CWE-918, which specifically relates to SSRF issues. Trend Micro Apex Central is a centralized management console used by organizations to manage endpoint security products, making it a critical component in enterprise security infrastructure. The modOSCE component likely handles certain orchestration or communication tasks, and exploitation of this SSRF could allow attackers to access internal network resources or sensitive configuration data, potentially aiding further attacks or reconnaissance.

Detailed information about CVE-2025-30679: CWE-918: SSRF in Trend Micro, Inc. Trend Micro Apex Central affecting Trend Micro, Inc. Trend Micro Apex Central. Get

Title	Severity	Type	Source	Date

Threats Tagged 'cwe-918'

Filter Threats

Threats Tagged 'cwe-918'

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility