SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18.0.5. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.
SSRF
Drawio
NVD
GitHub
CVSS 3.1
3.3
EPSS
0.5%