Security Intel Hub 531— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 6.5
WSO2 Identity Server Unauthenticated SSRF Vulnerability (CVE-2024-7073) Advisory
security.docs.wso2.com · 2025-06-04

### Key Information #### Vulnerability Overview - **Vulnerability ID**: WSO2-2024-3562/CVE-2024-7073 - **Release Date**: November 10, 2024 - **Version**: 1.0.0 - **Severity**: Medium - **CVSS Score**:…

DataEase Redshift SSRF Fix: Blocking socketFactory Parameters
github.com · 2025-06-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: - **Submission Details**: - Submission ID: `03b18db` - Submitters: `jinlong-T` and `tjlydx` - Submi…

CVSS 9.3
GeoServer CVE-2024-34711: SSRF via Improper ENTITY_RESOLUTION_ALLOWLIST Validation
github.com · 2025-06-11

### Critical Vulnerability Information #### Vulnerability Name Improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF) #### Affected Versions - org.geoserver.main:gs-main (Maven):…

CVSS 7.5
GeoServer CVE-2024-29198 Unauthenticated SSRF via TestWfsPost
github.com · 2025-06-12

### Critical Vulnerability Information #### Vulnerability Overview - **Type**: Unauthenticated SSRF via TestWfsPost - **Severity**: High (7.5/10) - **CVE ID**: CVE-2024-29198 - **CWE**: CWE-918 #### A…

CVSS 5.5
GeoServer Coverage REST API SSRF Vulnerability (CVE-2024-40625)
github.com · 2025-06-12

### Critical Vulnerability Information #### Vulnerability Name Coverage REST API Server Side Request Forgery #### Affected Versions - `org.geoserver.gs-rest` (Maven): < 2.26.0 - `org.geoserver.web:gs-…

Selea Targa IP Camera Unauthenticated SSRF Vulnerability (ZSL-2021-5617)
www.zeroscience.mk · 2025-07-06

### Key Information - **Vulnerability Title**: Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF - **Advisory ID**: ZSL-2021-5617 - **Type**: Local/Remote - **Impact**: Exposure of System Informatio…

Selea Targa IP OCR-ANPR Camera Unauthenticated SSRF Vulnerability
www.exploit-db.com · 2025-07-06

### Key Information - **Vulnerability Name**: Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated) - **EDB-ID**: 45457 - **CVE**: N/A - **Author**: Gjoko 'LiquidWorm' Krstic - **Type**: W…

CVSS 7.5
Apex Central SSRF and wagent RCE Vulnerabilities (CVE-2025-30678/47865)
success.trendmicro.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Details - **CVE-2025-30678**: modTMSM Server-Side Request Forgery Information Disclosure Vulnerability - CVSS v3.1: 4.3 (AV:N/AC:L/PR:N/UI:N/S…

ELECOM Router Vulnerabilities: RCE, SSRF, File Upload (CVE-2025-36519, etc.)
jvn.jp · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Overview - **CVE IDs**: CVE-2025-36519, CVE-2025-41427, CVE-2025-48077, CVE-2025-48789, CVE-2025-48800 - **Affected Products**: Multiple model…

CVSS 6.3
SSRF Vulnerability in bbs AdminManageAction via Host Header
github.com · 2025-07-06

### Key Information Summary #### Vulnerability Overview - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Discovery Date**: 2025-06-18 - **Affected Project**: bbs - **Affected Version**…

CVSS 6.3
SSRF Vulnerability in bbs AdminManageAction via Host Header
github.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Type - Server-Side Request Forgery (SSRF) #### Discovery Date - 2025-06-18 #### Affected Version - v0.8 #### Affected API - /admin/login #### …

CVSS 8.6
Octo-STS CVE-2025-52477 Unauthenticated SSRF via OIDC Flow
github.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Overview - **Title**: Unauthenticated SSRF with HTTP Response Reflection in OIDC Flow - **Severity**: High (8.6/10) - **CVE ID**: CVE-2025-524…

CVSS 3.0
Lychee SSRF Vulnerability in /api/v2/Photo::fromUrl with PoC
github.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Type - Server-Side Request Forgery (SSRF) #### Affected Versions - <= 6.6.12 #### Fixed Version - 6.6.13 #### Vulnerability Description - A se…

CVSS 6.3
MaxKey SAML20DetailsController SSRF Vulnerability Analysis
github.com · 2025-07-06

### Key Information #### Vulnerability Description - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Project**: Two APIs in the MaxKey project are vulnerable to SSRF. - **Disco…

CVSS 6.3
MaxKey SAML20DetailsController SSRF Vulnerability Analysis
github.com · 2025-07-06

### Key Information #### Vulnerability Description - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Affected Project**: Two API endpoints in the MaxKey project are vulnerable to SSRF. …

Selex Targa SSRF Vulnerability (ZSL-2021-5637)
cxsecurity.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Type - **Server-Side Request Forgery (SSRF)** #### Affected Devices and Versions - **Vendor**: Selex s.r.l. - **Product Website**: https://www…

CVSS 7.5
Red Hat AMQ Streams 2.9.1 Security Update: CVE-2025-27817 SSRF, CVE-2025-24970 DoS
access.redhat.com · 2025-07-06

### Critical Vulnerability Information #### Vulnerability Overview - **Type/Severity**: Important - **Subject**: Red Hat Streams for Apache Kafka 2.9.1 Release and Security Update #### Vulnerability D…

Nimesa Backup and Recovery OS Command Injection and SSRF Vulnerabilities (CVE-2025-48501/CVE-2025-53473)
jvn.jp · 2025-07-12

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability ID**: JVN#88251376 - **Product**: Nimesa Backup and Recovery - **Release Date**: 2025/07/07 - **Update Date**: 2025…

CVSS 3.7
PHP fsockopen() Null Byte Termination SSRF (CVE-2023-4730)
github.com · 2025-07-15

### Key Information #### Vulnerability Name - Null byte termination in hostnames #### Affected Versions - < 8.1.33 - < 8.2.29 - < 8.3.23 - < 8.4.10 #### Fixed Versions - 8.1.33 - 8.2.29 - 8.3.23 - 8.4…

CVSS 6.3
XXL-Job SSRF Vulnerability Analysis (Pre-Auth/HttpJobHandler)
github.com · 2025-07-19

### Key Information #### Vulnerability Type - SSRF (Server-Side Request Forgery) #### Affected Versions - xxl-job version 2.3.0 and earlier #### Vulnerability Description - In the `HttpJobHandler` cla…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.