Skip to main content

CWE-350

Reliance on Reverse DNS Resolution for a Security-Critical Action

17 CVEs Avg CVSS 6.4 MITRE
1
CRITICAL
6
HIGH
7
MEDIUM
3
LOW
3
POC
0
KEV

Monthly

CVE-2026-12635 LOW PATCH Monitor

Server-side request forgery (SSRF) in GitLab CE/EE allows an authenticated user with maintainer-role permissions to probe and interact with internal network resources by configuring malicious mirror synchronization URLs that bypass GitLab's URL validation controls. The flaw spans an exceptionally wide version range - from 8.3 all the way through the 19.x train - making the population of unpatched instances large. CWE-350 (Reliance on Reverse DNS Resolution) indicates the bypass likely exploits DNS-based validation circumvention rather than a simple allowlist gap. No public exploit or active KEV listing is confirmed at time of analysis, but the maintainer privilege bar is low enough in shared multi-tenant GitLab deployments to materially broaden the attacker population.

Gitlab Information Disclosure
NVD VulDB
CVSS 3.1
3.1
EPSS
0.2%
CVE-2026-36604 MEDIUM This Month

DNS rebinding on the Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) exposes the router's web management interface to attacker-controlled external origins due to absent HTTP Host header validation. A remote unauthenticated attacker (per CVSS PR:N) can rebind a malicious domain to the router's LAN IP address, then leverage the router's pre-existing CORS wildcard (Access-Control-Allow-Origin: *) to read admin interface responses cross-origin from within the victim's browser. No public exploit beyond the researcher's advisory exists and no CISA KEV listing is present at time of analysis.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6874 npm LOW GHSA Monitor

Reliance on reverse DNS resolution in ericc-ch copilot-api up to version 0.7.0 allows authenticated remote attackers to manipulate the Host header in the /token endpoint, leading to information disclosure. The vulnerability affects the Header Handler component and has been publicly disclosed with exploit code available; the vendor did not respond to early disclosure notification.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-33002 Maven HIGH PATCH This Week

Jenkins versions 2.442 through 2.554 and LTS 2.426.3 through 2.541.2 contain an origin validation bypass vulnerability in the CLI WebSocket endpoint that allows attackers to conduct DNS rebinding attacks. The vulnerability stems from improper use of Host and X-Forwarded-Host headers to compute expected request origins, enabling attackers to bypass authentication controls and potentially execute arbitrary commands through the CLI WebSocket interface. While no CVSS score, EPSS data, or active exploitation in the wild (KEV) status has been publicly disclosed, the vulnerability affects a critical Jenkins component and was responsibly disclosed by the Jenkins security team.

Jenkins Authentication Bypass Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-28271 MEDIUM This Month

Kiteworks versions prior to 9.2.0 contain a DNS rebinding vulnerability that allows authenticated administrators to circumvent SSRF protections and access restricted internal services. An attacker with administrative privileges could exploit this misconfiguration to reach backend systems that should be isolated from external access. No patch is currently available for affected deployments.

DNS SSRF Kiteworks
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1490 CRITICAL Act Now

CleanTalk Anti-Spam WordPress plugin has an authorization bypass enabling unauthenticated attackers to perform file operations on the WordPress server.

WordPress DNS RCE
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2025-59956 Go MEDIUM POC PATCH This Week

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Agentapi Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-59163 Go LOW PATCH Monitor

vet is an open source software supply chain security tool. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
2.1
EPSS
0.2%
CVE-2025-8036 HIGH PATCH This Week

DNS rebinding attacks can bypass Cross-Origin Resource Sharing (CORS) protections in Mozilla Firefox and Thunderbird due to improper cache invalidation of CORS preflight responses when target IP addresses change. Remote attackers can exploit this via malicious websites to access confidential cross-origin data without user authentication (CVSS: PR:N, UI:R). No public exploit identified at time of analysis, though CERT VU#652514 provides technical disclosure. EPSS data not provided, but the combination of network-accessible attack vector, low complexity, and no required privileges warrants attention for organizations using affected Mozilla products.

Mozilla Information Disclosure Thunderbird Red Hat Suse
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-53275 MEDIUM This Month

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
5.3
EPSS
0.3%
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Server-side request forgery (SSRF) in GitLab CE/EE allows an authenticated user with maintainer-role permissions to probe and interact with internal network resources by configuring malicious mirror synchronization URLs that bypass GitLab's URL validation controls. The flaw spans an exceptionally wide version range - from 8.3 all the way through the 19.x train - making the population of unpatched instances large. CWE-350 (Reliance on Reverse DNS Resolution) indicates the bypass likely exploits DNS-based validation circumvention rather than a simple allowlist gap. No public exploit or active KEV listing is confirmed at time of analysis, but the maintainer privilege bar is low enough in shared multi-tenant GitLab deployments to materially broaden the attacker population.

Gitlab Information Disclosure
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

DNS rebinding on the Mercusys AC12G (EU) V1 router (firmware AC12G(EU)_V1_200909) exposes the router's web management interface to attacker-controlled external origins due to absent HTTP Host header validation. A remote unauthenticated attacker (per CVSS PR:N) can rebind a malicious domain to the router's LAN IP address, then leverage the router's pre-existing CORS wildcard (Access-Control-Allow-Origin: *) to read admin interface responses cross-origin from within the victim's browser. No public exploit beyond the researcher's advisory exists and no CISA KEV listing is present at time of analysis.

Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW Monitor

Reliance on reverse DNS resolution in ericc-ch copilot-api up to version 0.7.0 allows authenticated remote attackers to manipulate the Host header in the /token endpoint, leading to information disclosure. The vulnerability affects the Header Handler component and has been publicly disclosed with exploit code available; the vendor did not respond to early disclosure notification.

Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Jenkins versions 2.442 through 2.554 and LTS 2.426.3 through 2.541.2 contain an origin validation bypass vulnerability in the CLI WebSocket endpoint that allows attackers to conduct DNS rebinding attacks. The vulnerability stems from improper use of Host and X-Forwarded-Host headers to compute expected request origins, enabling attackers to bypass authentication controls and potentially execute arbitrary commands through the CLI WebSocket interface. While no CVSS score, EPSS data, or active exploitation in the wild (KEV) status has been publicly disclosed, the vulnerability affects a critical Jenkins component and was responsibly disclosed by the Jenkins security team.

Jenkins Authentication Bypass Red Hat
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Kiteworks versions prior to 9.2.0 contain a DNS rebinding vulnerability that allows authenticated administrators to circumvent SSRF protections and access restricted internal services. An attacker with administrative privileges could exploit this misconfiguration to reach backend systems that should be isolated from external access. No patch is currently available for affected deployments.

DNS SSRF Kiteworks
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL Act Now

CleanTalk Anti-Spam WordPress plugin has an authorization bypass enabling unauthenticated attackers to perform file operations on the WordPress server.

WordPress DNS RCE
NVD
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Week

AgentAPI is an HTTP API for Claude Code, Goose, Aider, Gemini, Amp, and Codex. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Agentapi Suse
NVD GitHub
EPSS 0% CVSS 2.1
LOW PATCH Monitor

vet is an open source software supply chain security tool. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

DNS rebinding attacks can bypass Cross-Origin Resource Sharing (CORS) protections in Mozilla Firefox and Thunderbird due to improper cache invalidation of CORS preflight responses when target IP addresses change. Remote attackers can exploit this via malicious websites to access confidential cross-origin data without user authentication (CVSS: PR:N, UI:R). No public exploit identified at time of analysis, though CERT VU#652514 provides technical disclosure. EPSS data not provided, but the combination of network-accessible attack vector, low complexity, and no required privileges warrants attention for organizations using affected Mozilla products.

Mozilla Information Disclosure Thunderbird +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy