Skip to main content

Ai Gateway

1 CVEs product

Monthly

CVE-2026-15508 LOW POC Monitor

Server-side request forgery in Helicone ai-gateway (up to 0.2.0-beta.30) allows a low-privileged remote attacker to manipulate the `extracted_path_and_query` argument within the `build_target_url` function of the AWS Metadata Service component, causing the gateway to issue unauthorized server-side HTTP requests to internal infrastructure. For deployments on AWS, this most critically targets the EC2 Instance Metadata Service (IMDS) at 169.254.169.254, potentially exposing IAM role credentials that carry blast radius far exceeding the assigned CVSS 5.3 score. A public exploit exists via GitHub, and the vendor was unresponsive to pre-disclosure contact, meaning no vendor-confirmed patch is available at time of analysis.

SSRF Ai Gateway
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.3%
EPSS 0% CVSS 2.1
LOW POC Monitor

Server-side request forgery in Helicone ai-gateway (up to 0.2.0-beta.30) allows a low-privileged remote attacker to manipulate the `extracted_path_and_query` argument within the `build_target_url` function of the AWS Metadata Service component, causing the gateway to issue unauthorized server-side HTTP requests to internal infrastructure. For deployments on AWS, this most critically targets the EC2 Instance Metadata Service (IMDS) at 169.254.169.254, potentially exposing IAM role credentials that carry blast radius far exceeding the assigned CVSS 5.3 score. A public exploit exists via GitHub, and the vendor was unresponsive to pre-disclosure contact, meaning no vendor-confirmed patch is available at time of analysis.

SSRF Ai Gateway
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy