Security Intel Hub 531— Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

PostgreSQL dblink Abuse for Privilege Escalation and SSRF Analysis
www.leidecker.info · 2025-11-09

From this screenshot, the following key information about the vulnerability can be extracted: ### 1. **PostgreSQL dblink Exploitation** - **Abuse of dblink Functionality**: - dblink is a PostgreSQL li…

CVSS 7.5
Parse Server SSRF Vulnerability (CVE-2025-64430) Advisory
github.com · 2025-11-09

## Critical Vulnerability Information ### Vulnerability Overview - **Vulnerability Type**: Server-Side Request Forgery (SSRF) - **Affected Function**: File Upload via URI Format - **Affected Versions*…

CVSS 5.3
CVE-2025-64327: Blind SSRF in /api/ping (<=0.6.7)
github.com · 2025-11-09

### Critical Vulnerability Information #### Vulnerability Overview - **Type**: Blind Server-Side Request Forgery (SSRF) - **Affected Versions**: <= 0.6.7 - **Fixed Version**: 0.6.8 - **CVE ID**: CVE-2…

MetInfo CMS <8.1 XXE/SSRF Vulnerability Analysis and PoC
github.com · 2025-11-09

### Critical Vulnerability Information #### 1. Vulnerability Overview - **Type**: Server-Side Request Forgery (SSRF) vulnerability, achieved through XML External Entity (XXE) injection. - **Affected S…

MetInfo CMS XXE Leading to SSRF Vulnerability Analysis
github.com · 2025-11-09

### Vulnerability Overview - **Vulnerability Name**: SSRF Vulnerability Exploited via XXE Injection in MetInfo - **Summary**: - SSRF vulnerability is achieved through XML External Entity (XXE) injecti…

SSRF Vulnerability in /api/proxy/ targetUrl Parameter: Exploit and Fix
github.com · 2025-11-09

### Critical Vulnerability Information #### Description - **Vulnerability Type**: SSRF (Server-Side Request Forgery) - **Cause**: The `targetUrl` parameter in the `/api/proxy/` endpoint is exposed, al…

Fix SSRF: Disable HTTP redirects in Go client
github.com · 2025-11-10

- **Commit Information:** - Commit Hash: `f40135d` - Committed by: `gabek` - Date: April 25, 2023 - Commit Message: `fix: disable redirects to guard against possible SSRFs` - **Files Changed:** - `act…

CVSS 9.1
SSRF in Soft-Serve Webhooks (CVE-2025-64522)
github.com · 2025-11-11

### SSRF in Webhooks **Severity:** High (7.7 / 10) #### Package - **Repository:** github.com/charmbracelet/soft-serve (Go) - **Affected Versions:** < v0.11.0 - **Patched Versions:** v0.11.1 #### Descr…

CVSS 4.3
OpenClinica XXE Vulnerability: Local File Disclosure and SSRF via XML Import
github.com · 2025-11-11

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: XML External Entity (XXE) - **Impact**: File disclosure and potential Server-Side Request Forgery (SSRF) ##…

CVSS 6.8 · KEV
GitLab CI Lint API SSRF Vulnerability (CVE-2021-39935) Patch Analysis
gitlab.com · 2025-11-12

# II. Key Vulnerability Information from Screenshot ## Title: - SSRF Patch for CI Lint API is Incomplete ## Type: - Security, Bug ## Severity: - Priority 3 (Moderate) ## CVE: - CWE-918 (SSRF) ##…

OneNav v0.9.35 SSRF Vulnerability in get_link_info API with PoC
github.com · 2025-11-13

### Key Information Summary - **Vulnerability Type**: SSRF (Server-Side Request Forgery) vulnerability - **Affected Version**: OneNav v0.9.35-20240318 - **Vulnerability Description**: - After gaining …

ikiwiki Aggregator Plugin SSRF Vulnerability (CVE-2019-9187) Fix
lists.debian.org · 2025-11-13

### Critical Vulnerability Information - **Package**: ikiwiki - **Version**: 3.20141016.4+deb8u1 - **CVE ID**: CVE-2019-9187 #### Vulnerability Description The maintainer of ikiwiki discovered that th…

Apache Batik/FOP/XMLGraphics Commons SSRF/XXE/Deserialization Vulnerability Advisory
xmlgraphics.apache.org · 2025-11-14

- **Apache™ Batik Project Security:** - CVE-2022-44729 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-44730 / SSRF vulnerability / Fixed in Batik 1.17 - CVE-2022-42890 / SSRF vulnerability / Fi…

CVSS 8.6
Red Hat python-kdcproxy Security Update: CVE-2025-59088 Unauthenticated SSRF and CVE-2025-59089 Remote DoS
access.redhat.com · 2025-11-14

## Critical Vulnerability Information ### Summary - RHSA-2025:21142: python-kdcproxy Security Update ### Type/Severity - Important ### Subject - An update for python-kdcproxy is now available for Red …

CVSS 8.6
Red Hat python-kdcproxy Security Update: CVE-2025-59088 SSRF & CVE-2025-59089 DoS
access.redhat.com · 2025-11-14

### Critical Vulnerability Information - **Advisory ID**: RHSA-2025:21138 - **Release Date**: 2025-11-12 - **Update Date**: 2025-11-12 - **Severity**: Important #### Vulnerability Overview - **Title**…

CVSS 8.6
Red Hat python-kdcproxy Unauthenticated SSRF and Remote DoS Fix (RHSA-2025:21140)
access.redhat.com · 2025-11-14

### Critical Vulnerability Information #### Vulnerability Identifier - RHSA-2025:21140 #### Release & Update - Release Date: 2025-11-12 - Update Date: 2025-11-12 #### Summary - Severity: idm:DL1 Secur…

CVSS 5.9
Red Hat python-kdcproxy SSRF-induced DoS via Unbounded Memory Allocation (CVE-2025-59089)
access.redhat.com · 2025-11-14

## Key Information ### Description - **CVE**: CVE-2025-59089 - **Disclosure Date**: November 12, 2025 - **Severity**: Medium (CVSS v3 Base Score: 5.9) ### Vulnerability Details - **Description**: If a…

CVSS 8.6
Red Hat python-kdcproxy SSRF Vulnerability (CVE-2025-59088) Advisory
access.redhat.com · 2025-11-14

### Critical Vulnerability Information - **CVE ID**: CVE-2025-59088 - **Release Date**: November 12, 2025 - **Severity**: Important - **CVSS v3 Score**: 8.6 #### Description If kdcproxy receives a req…

Zammad SSRF via GitHub/GitLab Integration (CVE-2021-42091)
zammad.com · 2025-11-19

- **ID:** ZAA-2021-08 - **Date:** 10/05/2020 - **Title:** Server Side Request Forgery via GitHub/GitLab Integration - **Severity:** medium - **Product:** Zammad 1.0.x up to 4.1.0 - **Fixed in:** Zamma…

Jenkins Plugin Security Advisories: CVE-2020-2320 to 2324 (CSRF, SSRF, Auth Bypass)
www.jenkins.io · 2025-11-19

## Critical Vulnerability Information ### Vulnerability Overview - The document lists several critical vulnerabilities in Jenkins deliverables. ### Vulnerability Description #### CVSS Vulnerabil…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
