Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 531— Search: SSRF×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Clear
Examples: RCE · SSRF · GHSA · log4j
Filter
CVSS 6.3
SSRF Vulnerability in /api/download Endpoint
github.com · 2026-02-21

### Key Information #### Vulnerability Description - The `/api/download` endpoint accepts a URL parameter provided by the user without any security validation. It directly uses `http.Get()` to initiat…

Read more
SoftVision webPDF SSRF Leading to LFI Vulnerability (CVE-2025-55853) Analysis
github.com · 2026-02-21

## CVE-2025-55853 - Local File Inclusion via Server Side Request Forgery ### About SoftVision webPDF versions prior to 10.0.2 are vulnerable to Server-Side Request Forgery (SSRF). ### Key Information …

Read more
CVSS 7.1
OpenSift SSRF Vulnerability (CVE-2026-27170) Fix Details
github.com · 2026-02-21

### Vulnerability Key Information #### Vulnerability Description - **Vulnerability Name**: SSRF risk in OpenSift URL ingestion endpoint - **CVE ID**: CVE-2026-27170 - **Release Date**: 2 days ago - **…

Read more
CVSS 5.0
ClipBucket V5 SSRF Vulnerability (CVE-2026-26005) Analysis and Internal Network Scanning
github.com · 2026-02-21

### Key Information #### Vulnerability Description - **Title**: Internal network scan via an SSRF vulnerability - **Affected Versions**: = 5.5.3 - #45 - **Severity**: Moderate (5.0/10) - **CVE ID**: C…

Read more
CVSS 6.3
Fix SSRF in Test LLM API Endpoint via Fixed Response Time
github.com · 2026-02-21

### Key Information - **PR Type**: Bug fix, Enhancement - **Description**: - Added a fixed response time (10 seconds) to prevent SSRF port scanning - Implemented delays in both success and error paths…

Read more
CVSS 6.3
Hugging Face smolagents LocalPythonExecutor SSRF Vulnerability Analysis
github.com · 2026-02-21

## Key Information ### Affected Products - **Product**: smolagents - **Vendor**: Hugging Face - **Vulnerable Component**: LocalPythonExecutor ### Affected Versions V1.x ### Vulnerability Type - SSRF (…

Read more
LibreDesk Webhooks SSRF Vulnerability (CVE-2026-26957) Analysis and Exploitation
github.com · 2026-02-21

## SSRF Vulnerability in Webhooks ### Key Information **Package:** LibreDesk **Affected Versions:** Latest **Patched Versions:** None **CVE ID:** CVE-2026-26957 **Severity:** Medium **Weaknesses:** CW…

Read more
Premium intel
CVSS 9.8
Alfresco Transform Service Vulnerabilities: CVE-2026-26337/338/339 (RCE, SSRF, Path Traversal)
connect.hyland.com · 2026-02-21

- **CVE-2026-26337**: Absolute Path Traversal (Arbitrary File Read + SSRF) - Impact: Arbitrary file read and server-side request forgery (SSRF) - Affected Components: Alfresco Transform Service (ATS),…

Read more
CVSS 7.3
JEEWMS v3.7 UEditor SSRF Vulnerability in getRemoteImage.jsp
www.notion.so · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Inpu…

Read more
CVE-2026-25545: SSRF in @astrojs/node via Host Header Injection with PoC
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Form…

Read more
CVSS 6.3
DataLinkDC dinky SSRF Vulnerability Analysis (CVE-2026-3052)
vuldb.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Inpu…

Read more
CVSS 6.3
Dinky FlinkProxyController SSRF Vulnerability Analysis
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Read more
CVSS 6.3
Dinky FlinkProxyController SSRF Vulnerability Analysis
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary to English. * **Role:** Professional translator specializing in cybersecurity. * **Cons…

Read more
Craft CMS SSRF Fix via IPv6 Prefix Filtering (GHSA-v2gc-rm6g-wrw9)
github.com · 2026-02-24

Thinking Process: 1. **Analyze the Request:** * **Task:** Translate a Chinese vulnerability intelligence summary into English. * **Role:** Professional translator specializing in cybersecurity. * **Co…

Read more
CVE-2026-27732: Authenticated SSRF in AVideo <22
github.com · 2026-02-25

### Key Vulnerability Information - **Vulnerability ID:** GHSA-h39h-7cvg-q7j6 - **CVE ID:** CVE-2026-27732 - **Vulnerability Type:** Authenticated Server-Side Request Forgery (SSRF) — CWE-918 - **Affe…

Read more
CVSS 8.6
changetection.io SSRF Vulnerability (CVE-2026-27696) Advisory
github.com · 2026-02-25

### Key Information - **Vulnerability Type**: Server-Side Request Forgery (SSRF) via Watch URLs - **Severity**: High (8.6/10) - **CVE ID**: CVE-2026-27696 - **Affected Versions**: `. ### Exploitation …

Read more
CVSS 7.7
GHSA-jcc6-f9v6-f7jw: Authenticated Full Read SSRF via Favicon Fetching (CVE-2026-27706)
github.com · 2026-02-26

### Key Information #### Vulnerability Details - **Title**: Full Read SSRF via Favicon Fetching in "Add Link" Feature - **ID**: GHSA-jcc6-f9v6-f7jw - **Publisher**: sriramveeraghanta - **Published**: …

Read more
CVSS 3.1
sz-boot-parent <= v1.3.2-beta SSRF and Arbitrary File Read Vulnerability
vuldb.com · 2026-02-26

### Key Information Summary #### Title - **Title**: feiyuchuixue https://github.com/feiyuchuixue/sz-boot-parent sz-boot-parent <= v1.3.2-beta Arbitrary_File_Read/SSRF #### Description - **Description*…

Read more
SSRF Vulnerability Principles and Defense Checklist
developer.mozilla.org · 2026-02-26

### Key Information on SSRF Vulnerabilities - **Definition**: - Server-Side Request Forgery (SSRF) is a vulnerability that allows an attacker to force a server to make arbitrary network requests. Sinc…

Read more
OpenKruise CVE-2026-24005 SSRF via Unrestricted Host Field
github.com · 2026-02-26

### Vulnerability Key Information - **CVE ID**: CVE-2026-24005 - **Vulnerability Type**: SSRF (Server-Side Request Forgery) via Unrestricted Host Field - **Affected Versions**: <v1.8.0 - **Fixed Versi…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.