Security Intel Hub 531— Search: SSRF×

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

OpenClaw < 2026.4.8 - Strict Browser SSRF Bypass via Playwright Redirect Handling | Advisories | VulnCheck
www.vulncheck.com · 2026-04-29

# OpenClaw = 0, < 2026.4.8 - **CVSS Score**: 4.0 (AV:N/AC:L/AT:N/PR:N/UI:PVC:N/EL:VA/N/SCH:SEL/SA:N) - **Vulnerability Type**: CWE-918 Server-Side Request Forgery (SSRF) ## Remediation - **Fixed Versi…

fix: add browser SSRF follow-up changelog entry (#66386) · openclaw/openclaw@024f461 · GitHub
github.com · 2026-05-05

### Vulnerability Overview This vulnerability involves the browser SSRF (Server-Side Request Forgery) policy in OpenClaw. Specifically, under the default browser SSRF policy, hostname navigation becom…

CVSS 4.8
Rack Host Header Validation Bypass via Invalid Characters
github.com · 2026-04-03

# Rack::Request Host Header Validation Bypass Vulnerability Summary **Vulnerability Overview** * **Vulnerability Name:** Rack::Request accepts invalid Host characters, enabling host allowlist bypass (…

aiohttp fix: drop malicious Host/Origin headers on redirect to prevent SSRF
github.com · 2026-04-02

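### Vulnerability Overview This commit fixes a security vulnerability in the **aiohttp** library: when the client follows a redirect whose target is an external absolute URL, the original `Host` and `Origin` request headers are preserved and sent to the new target, which can lead to **Host header injection** or **SSRF (Server-Side Request Forgery)** attacks. An attacker can use this behavior to deceive backend services and bypass security checks. ### Affected Scope - **Project**: …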

CVSS 6.5
Microsoft .NET Framework XmlTextReader XXE Injection Vulnerability and POC
github.com · 2026-04-02

**Vulnerability Overview** * **Vulnerability Name:** XML External Entity (XXE) Injection via Unsafe XmlTextReader in XML file and Schema loading * **Affected Products:** Microsoft .NET Framework (spec…

SSRF bypass in PraisonAI v4.6.29 · Advisory · MervinPraison/PraisonAI · GitHub
github.com · 2026-05-08

### SSRF bypass in PraisonAI v4.6.29 #### Vulnerability Overview A logical flaw in the URL validation logic within the PraisonAI project allows attackers to bypass security restrictions, leading to Se…

Premium intel
CVSS 10.0
Azure Datastrix Privilege Escalation via SSRF (CVE-2026-33107) Advisory
msrc.microsoft.com · 2026-04-03

# Azure Datastrix Privilege Escalation Vulnerability (CVE-2026-33107) ## Vulnerability Overview * **Vulnerability Name**: Azure Datastrix Elevation of Privilege Vulnerability * **CVE ID**: CVE-2026-33107 * **Published**: April 2, 2026 * **Severity**: Critical * **CVSS Score**…

SSRF Vulnerability in Angular Platform-Server via Protocol-Relative URLs
github.com · 2026-05-08

# SSRF via protocol-relative and backslash URLs in Angular Platform-Server ## Vulnerability Overview A **Server-Side Request Forgery (SSRF)** vulnerability exists in `@angular/platform-server`. This v…

CVE-2026-28889: XXE Vulnerability in esaml Library and Fix
github.com · 2026-04-07

### Vulnerability Summary: CVE-2026-28889 **1. Vulnerability Overview** * **Vulnerability Name**: CVE-2026-28889 * **Vulnerability Type**: XML External Entity Injection (XXE) * **Description**: This v…

Case-insensitive URL scheme bypasses webhook and downloadFrom deny-list SSRF protection · Advisory · gotenberg/gotenberg
github.com · 2026-05-06

# Vulnerability Summary: Case-insensitive URL scheme bypasses webhook and downloadFrom deny-list SSRF protection ## Vulnerability Overview - **Vulnerability Name**: Case-insensitive URL scheme bypasse…

CVSS 6.5
Lemmy SSRF via Unvalidated og:image Leading to Internal Image Disclosure
github.com · 2026-05-09

# SSRF and internal image disclosure in post link metadata via unvalidated og:image ## Vulnerability Overview Lemmy defaults to using the `StoreLinkPreviews` mode when fetching metadata for user-provi…


All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.