
CWE-918

Server-Side Request Forgery (SSRF)

1089 CVEs | Avg CVSS 6.0 | Source: MITRE
Severity breakdown: 80 CRITICAL, 301 HIGH, 539 MEDIUM, 163 LOW
286 with public POC | 4 in CISA KEV


CVE-2026-49093 | MEDIUM | This Month

Server-Side Request Forgery in Kibana allows an authenticated user holding connector management privileges to bypass the operator-configured connector allowlist, forcing the Kibana server to issue outbound HTTP requests to destinations that egress controls were explicitly designed to block. The CVSS Changed Scope (S:C) combined with high confidentiality impact (C:H) means successful exploitation extends beyond Kibana itself, potentially exposing sensitive internal network resources such as cloud metadata services or internal APIs reachable from the Kibana host. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis.

Tags: SSRF, Elastic Kibana | Sources: NVD | CVSS 3.1: 6.3

CVE-2026-42398 | HIGH | This Week

Server-side request forgery in Elastic Kibana allows authenticated users holding connector management privileges to bypass operator-configured egress allowlists by crafting a Webhook connector with an arbitrary target. The flaw enables Kibana to issue outbound HTTP requests to internal or otherwise restricted destinations, exposing sensitive data accessible from the Kibana host. No public exploit identified at time of analysis, and the vulnerability is not present on the CISA KEV list.

Tags: SSRF, Elastic Kibana | Sources: NVD | CVSS 3.1: 7.7

CVE-2026-49129 | MEDIUM | PATCH | This Month

Server-side request forgery in Music Player Daemon (MPD) before 0.24.11 allows unauthenticated remote attackers to bypass HTTP/HTTPS scheme restrictions by exploiting the CurlInputPlugin's failure to set CURLOPT_REDIR_PROTOCOLS_STR alongside CURLOPT_FOLLOWLOCATION in libcurl. An attacker who can submit URLs to MPD via commands such as add, readcomments, albumart, readpicture, or load can cause MPD to follow redirects to non-HTTP protocols including gopher, ftp, sftp, ldap, dict, rtmp, and rtsp - enabling interaction with internal or restricted network services. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV, though the CVSS 4.0 score of 6.9 with a fully unauthenticated network attack vector warrants prompt patching on any externally accessible MPD deployment.

Tags: SSRF, Mpd | Sources: NVD, GitHub | CVSS 4.0: 6.9

CVE-2026-46380 | MEDIUM | PATCH | GHSA | This Month

Server-Side Request Forgery in compliance-trestle's HTTPSFetcher._do_fetch() allows a local low-privileged attacker to redirect outbound HTTP requests to internal services or cloud metadata endpoints such as 169.254.169.254, enabling credential theft from AWS, GCP, or Azure instance metadata. Affected are all pip releases of compliance-trestle before 3.12.2 and versions 4.0.0 through 4.0.2. A public proof-of-concept (poc_ssrf_and_path_traversal.py) with 13 verified exploit vectors is attached to the GitHub Security Advisory GHSA-w76h-q7c6-jpjp; at time of analysis the vulnerability is not listed as actively exploited (CISA KEV), and no EPSS score was provided in the input data.

Tags: Path Traversal, SSRF | Sources: NVD, GitHub | CVSS 3.1: 6.7

CVE-2026-46526 | MEDIUM | PATCH | GHSA | This Month

SSRF protection in Local Deep Research prior to version 1.6.10 can be bypassed by authenticated users through a URL parser differential between Python's urlparse and the requests/urllib3 library. By supplying a crafted URL such as http://127.0.0.1:6666\@1.1.1.1, an attacker causes urlparse to extract the public host 1.1.1.1 (passing the SSRF check) while requests actually connects to the internal address 127.0.0.1. No public exploitation has been confirmed in CISA KEV at time of analysis, but a working proof-of-concept was included in the GHSA advisory. The CVSS 5.0 score reflects the authentication barrier (PR:L) and limited confidentiality impact (C:L), though the changed scope (S:C) signals the server itself is used to pivot to otherwise-unreachable internal resources.

Tags: SSRF, Local Deep Research | Sources: NVD, GitHub | CVSS 3.1: 5.0

CVE-2026-9813 | MEDIUM | PATCH | This Month

Server-side request forgery in FlowIntel up to version 3.3.0 allows a low-privileged authenticated user to coerce the application server into issuing HTTP HEAD requests to attacker-specified destinations, including loopback addresses, RFC 1918 private ranges, link-local cloud metadata endpoints, and other restricted network resources, via the external reference URL probe feature in app/case/task.py. The root cause is absent URL scheme filtering and missing resolved-IP validation before the outbound request is dispatched. No public exploit has been identified at time of analysis and the CVE is not listed in CISA KEV, though the upstream fix commit confirms the flaw's existence and scope.

Tags: SSRF | Sources: NVD, GitHub | CVSS 4.0: 6.2 | EPSS: 0.0%

CVE-2026-5737 | MEDIUM | This Month

Server-Side Request Forgery in Independent Analytics (WordPress plugin, all versions through 2.14.9) enables unauthenticated remote attackers to inject arbitrary referrer domains into the site's analytics database and subsequently trigger server-side HTTP requests to any host, including internal network services and cloud metadata endpoints. The exploit chain combines a bypassable signature check on the public /wp-json/iawp/search REST endpoint (static salt embedded in publicly accessible JavaScript) with a scheduled favicon fetcher that issues raw cURL requests with zero SSRF mitigations. No public exploit is identified at time of analysis and the vulnerability is not listed in CISA KEV, but CVSS PR:N/AC:L indicates exploitation requires no authentication and minimal complexity, which is particularly threatening for WordPress deployments on cloud infrastructure.

Tags: WordPress, SSRF | Sources: NVD | CVSS 3.1: 6.5 | EPSS: 0.0%

CVE-2026-48153 | HIGH | PATCH | This Week

Server-side request forgery in Budibase before 3.39.0 lets a builder-level user coerce the server into sending POST requests to arbitrary internal or external destinations. The flaw lives in the OAuth2 SDK's fetchToken function, which issues outbound requests via plain node-fetch and bypasses the blacklist.isBlacklisted guard that every other outbound path enforces, while the Joi validation on the OAuth2 token URL imposes no scheme or host restriction. No public exploit identified at time of analysis, and the issue is fixed in 3.39.0.

Tags: SSRF | Sources: NVD, GitHub, VulDB | CVSS 3.1: 8.5 | EPSS: 0.0%

CVE-2026-48148 | MEDIUM | PATCH | This Month

Server-Side Request Forgery in Budibase's VectorDB configuration endpoint (versions prior to 3.35.3) allows authenticated builder-level users to supply arbitrary host values - including cloud metadata addresses such as 169.254.169.254 or localhost - causing the server to initiate outbound TCP connections to internal network resources on the attacker's behalf. No public exploit has been identified at time of analysis, though SSVC classifies exploitation status as 'poc', indicating proof-of-concept material exists. In cloud-hosted deployments, the real-world impact exceeds what the CVSS 5.3 score implies, as metadata endpoint access can expose instance credentials and enable privilege escalation.

Tags: SSRF | Sources: NVD, GitHub | CVSS 4.0: 5.3 | EPSS: 0.0%

CVE-2026-48146 | HIGH | PATCH | This Week

Server-side request forgery in Budibase before 3.39.0 lets an authenticated user with the BUILDER role coerce the platform into making attacker-controlled outbound requests by setting a malicious OAuth2 token endpoint URL. Because the token fetch path bypassed the codebase's existing SSRF-blocking HTTP wrapper, responses from internal-only services such as the CouchDB database or cloud instance metadata endpoints can be exfiltrated. No public exploit identified at time of analysis, but the flaw is straightforward to trigger and EPSS/KEV signals were not supplied.

Tags: Information Disclosure, SSRF | Sources: NVD, GitHub | CVSS 3.1: 7.7 | EPSS: 0.0%
