
Security Intel Hub 531 — Search: SSRF

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

CVSS 4.3
Blind SSRF in prompts.chat media-generate feature
www.vulncheck.com · 2026-04-04

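### Vulnerability Summary **Vulnerability Overview** * **Vulnerability Name:** prompts.chat Blind SSRF via media-generate * **Vulnerability Type:** Blind SSRF (Server-Side Request Forgery) * **Description:** The `media-generate` feature of prompts.chat has a blind SSRF vulnerability. Unauthorized users (unprivileged use…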

CVSS 7.7
prompts.chat SSRF via Fal.ai Media Status Polling
www.vulncheck.com · 2026-04-04

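# Vulnerability Summary **Vulnerability Name**: prompts.chat SSRF via Fal.ai Media Status Polling **Vulnerability Overview**: prompts.chat (Product ID: 204644) has a server-side request forgery (SSRF) vulnerability in its Fal.ai media status polling feature. **Scope of Impact**: - **Affected Product**: prompts.chat - **Vulnerability Type**: SSRF (Ser…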

CVSS 7.7
Falai SSRF Vulnerability and AWS Credential Leakage Analysis
gist.github.com · 2026-04-04

# Falai Media Status Polling SSRF & Credential Leakage Vulnerability Summary ### Vulnerability Overview * **Vulnerability Name**: SSRF & Credential Leakage via Falai Media Status Polling * **Vulnerabi…

CVSS 7.7
Fix SSRF & Credential Leakage in fourclement Poll.at status polling
github.com · 2026-04-04

### Key Vulnerability Information Summary **Vulnerability Overview** * **Type**: SSRF (Server-Side Request Forgery) and Credential Leakage. * **Description**: A vulnerability in the `fourclement` modu…

CVSS 4.3
Wire InputImageLayer1 Blind SSRF via Unvalidated URL Scheme
github.com · 2026-04-04

# Security Report Summary: Wire InputImageLayer1 Blind SSRF ## Vulnerability Overview - **Name:** Wire InputImageLayer1 Blind SSRF - **Type:** Blind Server-Side Request Forgery (SSRF) - **Root Cause:*…

CVSS 8.6
SSRF in PraisonAI praisonagents FileTools.download_file via Unvalidated URL
github.com · 2026-04-04

# SSRF in FileTools.download_file() via Unvalidated URL -- PraisonAI ### Summary This is an SSRF (Server-Side Request Forgery) vulnerability in the `FileTools.download_file()` function within the `pra…

CVSS 10.0
GitLab CVE-2021-22205 SSRF/DoS Vulnerability Analysis
github.com · 2026-04-04

Based on the provided screenshot, this is a GitHub issue page regarding the GitLab vulnerability CVE-2021-22205. The following is a summary of the key information: **Vulnerability Overview** * **Vulne…

Stored SSRF in QingdaoU OnlineJudge via service_url
github.com · 2026-04-05

# Vulnerability Summary: Stored SSRF in QingdaoU Onlinejudge Judge Server service_url ## Vulnerability Overview | Item | Content | |:---|:---| | **Vulnerability Type** | Stored Server-Side Request For…

CVSS 6.3
Huly Platform SSRF Vulnerability Analysis (CVE-2026-5623)
vuldb.com · 2026-04-06

### Vulnerability Key Information Summary **1. Vulnerability Overview** * **Vulnerability Type**: Server-Side Request Forgery (SSRF). * **Detailed Description**: A critical-level vulnerability was dis…

CVSS 8.6
curl_cffi SSRF via Redirect to Cloud Metadata Endpoint
github.com · 2026-04-07

### Vulnerability Overview The `curl_cffi` library contains a redirect-based Server-Side Request Forgery (SSRF) vulnerability. The library does not restrict requests to internal IP addresses and autom…

CVSS 5.4
SSRF in vLLM download_bytes_from_url function
github.com · 2026-04-07

# SSRF in `download_bytes_from_url` ## Vulnerability Overview In the `vllm-project/vllm` project, the `download_bytes_from_url` function contains a Server-Side Request Forgery (SSRF) vulnerability. An…

esaml XXE/SSRF Vulnerability (EEF-CVE-2026-28809) Analysis and Fix
osv.dev · 2026-04-07

### Vulnerability Summary: EEF-CVE-2026-28809 **1. Vulnerability Overview** * **Vulnerability ID**: EEF-CVE-2026-28809 * **Vulnerability Type**: XML External Entity (XXE), Server-Side Request Forgery …

CVSS 5.8
SSRF Vulnerability Analysis and Fix: URL Validation Logic Implementation
github.com · 2026-04-07

# Vulnerability Summary ## 1. Vulnerability Overview This is an **SSRF (Server-Side Request Forgery)** vulnerability. - **Description**: The application lacks effective validation and sanitization mech…

CVSS 7.2
lin-snow/echo SSRF Vulnerability Analysis and Fix Guide
github.com · 2026-04-07

# Vulnerability Summary: lin-snow/echo SSRF Vulnerability ## Vulnerability Overview An unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in the `GetWebsiteTitle` function of the …

CVSS 7.5
Unauthenticated SSRF in Echo Website Preview Feature with POC
github.com · 2026-04-07

# GitHub Security Advisory: Unauthenticated SSRF in Website Preview Feature ## Vulnerability Overview The "Website Preview" feature in Echo (implemented via `GET /api/website/title`) contains an unaut…

SSRF Vulnerability Fix in Payload Framework: Code Analysis and Mitigation
github.com · 2026-04-07

### Vulnerability Key Information Summary **Vulnerability Overview** This commit fixes an **SSRF (Server-Side Request Forgery)** vulnerability. When the Payload framework initiates HTTP requests (speci…

CVSS 7.7
pyload-ng CVE-2026-35187 SSRF Vulnerability and POC
github.com · 2026-04-07

### Vulnerability Overview * **Title**: SSRF in `parse_urls` API endpoint via unvalidated URL parameter * **CVE ID**: CVE-2026-35187 * **CVSS Score**: 7.7 / 10 (High) * **Description**: The `parse_url…

CVSS 7.2
Dolibarr 23.0.2 Security Update: SSRF and File Handling Vulnerabilities Fixed
github.com · 2026-04-07

# Dolibarr 23.0.2 Security Update Summary ## Vulnerability Overview This release (23.0.2) includes multiple security fixes and permission improvements, primarily addressing the following critical vuln…

CVSS 5.0
Papra <=26.3.0 Blind SSRF via Webhook URL Analysis and Fix
github.com · 2026-04-08

### Vulnerability Overview **Vulnerability Name:** Blind Server-Side Request Forgery (SSRF) via Webhook URL **Description:** Papra's webhook system allows authenticated users to register any URL as a …

ChurchCRM SSRF Vulnerability Analysis and PoC
github.com · 2026-04-08

### Vulnerability Summary: ChurchCRM SSRF Vulnerability **Vulnerability Overview** A Server-Side Request Forgery (SSRF) vulnerability exists in ChurchCRM versions 5.21.0 and earlier. Attackers can ind…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.
