Common Weakness Enumeration

CWE-918

Allowed

Server-Side Request Forgery (SSRF)

Abstraction: Base · Status: Incomplete

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

4625 vulnerabilities reference this CWE, most recent first.

CVE-2026-15501 (GCVE-0-2026-15501)

Vulnerability from cvelistv5 – Published: 2026-07-12 12:30 – Updated: 2026-07-15 16:05
VLAI
Title
AstrBotDevs AstrBot MCP Test Endpoint tools.py ToolsRoute.test_mcp_connection server-side request forgery
Summary
A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function ToolsRoute.test_mcp_connection of the file astrbot/dashboard/routes/tools.py of the component MCP Test Endpoint. The manipulation of the argument mcp_server_config.url leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
URL Tags
https://vuldb.com/vuln/377808 vdb-entrytechnical-description
https://vuldb.com/vuln/377808/cti signaturepermissions-required
https://vuldb.com/cve/CVE-2026-15501 third-party-advisory
https://vuldb.com/submit/844665 third-party-advisory
https://gist.github.com/YLChen-007/b68732c140fb11… exploit
Impacted products
Vendor Product Version
AstrBotDevs AstrBot Affected: 4.25.0
Affected: 4.25.1
Affected: 4.25.2
    cpe:2.3:a:astrbot:astrbot:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Eric-a (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15501",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-15T16:05:30.807177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-15T16:05:35.347Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/submit/844665"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:astrbot:astrbot:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "MCP Test Endpoint"
          ],
          "product": "AstrBot",
          "vendor": "AstrBotDevs",
          "versions": [
            {
              "status": "affected",
              "version": "4.25.0"
            },
            {
              "status": "affected",
              "version": "4.25.1"
            },
            {
              "status": "affected",
              "version": "4.25.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Eric-a (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.25.2. Affected by this issue is the function ToolsRoute.test_mcp_connection of the file astrbot/dashboard/routes/tools.py of the component MCP Test Endpoint. The manipulation of the argument mcp_server_config.url leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-12T12:30:07.184Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-377808 | AstrBotDevs AstrBot MCP Test Endpoint tools.py ToolsRoute.test_mcp_connection server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/377808"
        },
        {
          "name": "VDB-377808 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/377808/cti"
        },
        {
          "name": "CVE-2026-15501 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-15501"
        },
        {
          "name": "Submit #844665 | AstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (CWE-918)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/844665"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/YLChen-007/b68732c140fb11d844b214cf2db50a5a"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-11T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-11T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-11T14:47:12.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "AstrBotDevs AstrBot MCP Test Endpoint tools.py ToolsRoute.test_mcp_connection server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-15501",
    "datePublished": "2026-07-12T12:30:07.184Z",
    "dateReserved": "2026-07-11T12:42:07.168Z",
    "dateUpdated": "2026-07-15T16:05:35.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15500 (GCVE-0-2026-15500)

Vulnerability from cvelistv5 – Published: 2026-07-12 12:00 – Updated: 2026-07-13 15:41
VLAI
Title
AstrBotDevs AstrBot market_list Endpoint plugin.py get_online_plugins server-side request forgery
Summary
A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function get_online_plugins of the file astrbot/dashboard/routes/plugin.py of the component market_list Endpoint. Executing a manipulation of the argument custom_registry can lead to server-side request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
URL Tags
https://vuldb.com/vuln/377807 vdb-entrytechnical-description
https://vuldb.com/vuln/377807/cti signaturepermissions-required
https://vuldb.com/cve/CVE-2026-15500 third-party-advisory
https://vuldb.com/submit/844659 third-party-advisory
https://vuldb.com/submit/847481 third-party-advisory
https://gist.github.com/YLChen-007/cd162554554c27… exploit
Impacted products
Vendor Product Version
AstrBotDevs AstrBot Affected: 4.25.0
Affected: 4.25.1
Affected: 4.25.2
    cpe:2.3:a:astrbot:astrbot:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Eric-a (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15500",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-13T15:41:32.623995Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-13T15:41:38.976Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:astrbot:astrbot:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "market_list Endpoint"
          ],
          "product": "AstrBot",
          "vendor": "AstrBotDevs",
          "versions": [
            {
              "status": "affected",
              "version": "4.25.0"
            },
            {
              "status": "affected",
              "version": "4.25.1"
            },
            {
              "status": "affected",
              "version": "4.25.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Eric-a (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function get_online_plugins of the file astrbot/dashboard/routes/plugin.py of the component market_list Endpoint. Executing a manipulation of the argument custom_registry can lead to server-side request forgery. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-12T12:00:07.716Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-377807 | AstrBotDevs AstrBot market_list Endpoint plugin.py get_online_plugins server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/377807"
        },
        {
          "name": "VDB-377807 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/377807/cti"
        },
        {
          "name": "CVE-2026-15500 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-15500"
        },
        {
          "name": "Submit #844659 | AstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (CWE-918)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/844659"
        },
        {
          "name": "Submit #847481 | AstrBotDevs AstrBot 4.25.2 Server-Side Request Forgery (SSRF) (CWE-918) (Duplicate)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/847481"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/YLChen-007/cd162554554c273a3a7c0330aa02f3f0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-11T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-11T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-11T14:47:08.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "AstrBotDevs AstrBot market_list Endpoint plugin.py get_online_plugins server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-15500",
    "datePublished": "2026-07-12T12:00:07.716Z",
    "dateReserved": "2026-07-11T12:41:58.125Z",
    "dateUpdated": "2026-07-13T15:41:38.976Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15409 (GCVE-0-2026-15409)

Vulnerability from cvelistv5 – Published: 2026-07-14 19:39 – Updated: 2026-07-16 03:55
VLAI
Summary
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
Vendor Product Version
SonicWall SMA1000 Affected: 12.4.3-03245 , ≤ 12.4.3-03434 (custom)
Affected: 12.5.0-02283 , ≤ 12.5.0-02800 (custom)
Create a notification for this product.
Date Public
2026-07-14 19:40
Credits
Adam Babis of SonicWall PSIRT
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 10,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-15409",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-07-14",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15409"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-16T03:55:19.176Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-15409"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "platforms": [
            "Linux"
          ],
          "product": "SMA1000",
          "vendor": "SonicWall",
          "versions": [
            {
              "lessThanOrEqual": "12.4.3-03434",
              "status": "affected",
              "version": "12.4.3-03245",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "12.5.0-02800",
              "status": "affected",
              "version": "12.5.0-02283",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Adam Babis of SonicWall PSIRT"
        }
      ],
      "datePublic": "2026-07-14T19:40:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location."
            }
          ],
          "value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918: Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T19:43:54.725Z",
        "orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
        "shortName": "sonicwall"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0008"
        }
      ],
      "source": {
        "advisory": "SNWLID-2026-0008",
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
    "assignerShortName": "sonicwall",
    "cveId": "CVE-2026-15409",
    "datePublished": "2026-07-14T19:39:34.808Z",
    "dateReserved": "2026-07-10T14:12:14.377Z",
    "dateUpdated": "2026-07-16T03:55:19.176Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15378 (GCVE-0-2026-15378)

Vulnerability from cvelistv5 – Published: 2026-07-10 09:29 – Updated: 2026-07-14 01:37
VLAI
Title
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Summary
A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery (SSRF) by submitting a specially crafted XML Schema Definition (XSD) string. This can lead to unauthorized access to sensitive information, including credentials from cloud metadata services, Kubernetes API, internal MinIO, and other internal network endpoints. Additionally, it enables local file reads of critical data such as service account tokens and pod secrets.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
URL Tags
https://access.redhat.com/security/cve/CVE-2026-15378 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2498941 issue-trackingx_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
Date Public
2026-07-10 09:19
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15378",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T01:36:55.860314Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T01:37:07.099Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-fms-guardrails-orchestrator-rhel9",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2026-07-10T09:19:44.546Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery (SSRF) by submitting a specially crafted XML Schema Definition (XSD) string. This can lead to unauthorized access to sensitive information, including credentials from cloud metadata services, Kubernetes API, internal MinIO, and other internal network endpoints. Additionally, it enables local file reads of critical data such as service account tokens and pod secrets."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-10T09:29:55.593Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-15378"
        },
        {
          "name": "RHBZ#2498941",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2498941"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-10T08:16:18.334Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-07-10T09:19:44.546Z",
          "value": "Made public."
        }
      ],
      "title": "Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-15378",
    "datePublished": "2026-07-10T09:29:55.593Z",
    "dateReserved": "2026-07-10T08:57:01.261Z",
    "dateUpdated": "2026-07-14T01:37:07.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15330 (GCVE-0-2026-15330)

Vulnerability from cvelistv5 – Published: 2026-07-10 04:00 – Updated: 2026-07-10 20:31 X_Open Source
VLAI
Title
zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery
Summary
A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function _build_image_content/_download_to_data_url of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is recommended to address this issue. This patch is called e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. Upgrading the affected component is advised.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
Impacted products
Vendor Product Version
zhayujie CowAgent Affected: 2.1.0
Affected: 2.1.1
Unaffected: 2.1.2
    cpe:2.3:a:zhayujie:cowagent:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Eric-x (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15330",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T20:26:20.760065Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T20:31:19.060Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:zhayujie:cowagent:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "Vision Tool"
          ],
          "product": "CowAgent",
          "vendor": "zhayujie",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.1"
            },
            {
              "status": "unaffected",
              "version": "2.1.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Eric-x (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in zhayujie CowAgent up to 2.1.1. Impacted is the function _build_image_content/_download_to_data_url of the file agent/tools/vision/vision.py of the component Vision Tool. Executing a manipulation of the argument image can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is recommended to address this issue. This patch is called e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. Upgrading the affected component is advised."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-10T04:00:10.896Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-377273 | zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/377273"
        },
        {
          "name": "VDB-377273 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/377273/cti"
        },
        {
          "name": "CVE-2026-15330 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-15330"
        },
        {
          "name": "Submit #853103 | zhayujie CowAgent \u003c= 2.1.0 Server-Side Request Forgery (CWE-918)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/853103"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/zhayujie/CowAgent/issues/2872"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/zhayujie/CowAgent/pull/2886"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/zhayujie/CowAgent/commit/e85290cddcbb5ffc9c235927f4c92e5b4c3ec264"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/zhayujie/CowAgent/releases/tag/2.1.2"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/zhayujie/CowAgent/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-09T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-09T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-09T20:43:31.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "zhayujie CowAgent Vision Tool vision.py _download_to_data_url server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-15330",
    "datePublished": "2026-07-10T04:00:10.896Z",
    "dateReserved": "2026-07-09T18:37:44.563Z",
    "dateUpdated": "2026-07-10T20:31:19.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15317 (GCVE-0-2026-15317)

Vulnerability from cvelistv5 – Published: 2026-07-10 00:00 – Updated: 2026-07-14 01:26
VLAI
Title
Sipeed PicoClaw Guarded Web Fetch Flow web.go WebFetchTool.Execute server-side request forgery
Summary
A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
URL Tags
https://vuldb.com/vuln/377257 vdb-entrytechnical-description
https://vuldb.com/vuln/377257/cti signaturepermissions-required
https://vuldb.com/cve/CVE-2026-15317 third-party-advisory
https://vuldb.com/submit/852877 third-party-advisory
https://github.com/sipeed/picoclaw/issues/3078 exploitissue-tracking
https://github.com/sipeed/picoclaw/ product
Impacted products
Vendor Product Version
Sipeed PicoClaw Affected: 0.2.0
Affected: 0.2.1
Affected: 0.2.2
Affected: 0.2.3
Affected: 0.2.4
Affected: 0.2.5
Affected: 0.2.6
Affected: 0.2.7
Affected: 0.2.8
Affected: 0.2.9
    cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Eric-d (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15317",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T01:26:17.804998Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T01:26:30.531Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sipeed:picoclaw:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "Guarded Web Fetch Flow"
          ],
          "product": "PicoClaw",
          "vendor": "Sipeed",
          "versions": [
            {
              "status": "affected",
              "version": "0.2.0"
            },
            {
              "status": "affected",
              "version": "0.2.1"
            },
            {
              "status": "affected",
              "version": "0.2.2"
            },
            {
              "status": "affected",
              "version": "0.2.3"
            },
            {
              "status": "affected",
              "version": "0.2.4"
            },
            {
              "status": "affected",
              "version": "0.2.5"
            },
            {
              "status": "affected",
              "version": "0.2.6"
            },
            {
              "status": "affected",
              "version": "0.2.7"
            },
            {
              "status": "affected",
              "version": "0.2.8"
            },
            {
              "status": "affected",
              "version": "0.2.9"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Eric-d (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-10T00:00:13.247Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-377257 | Sipeed PicoClaw Guarded Web Fetch Flow web.go WebFetchTool.Execute server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/377257"
        },
        {
          "name": "VDB-377257 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/377257/cti"
        },
        {
          "name": "CVE-2026-15317 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-15317"
        },
        {
          "name": "Submit #852877 | Sipeed PicoClaw \u003c= 0.2.9 Server-Side Request Forgery (CWE-918)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/852877"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/sipeed/picoclaw/issues/3078"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/sipeed/picoclaw/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-09T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-09T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-09T20:12:45.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Sipeed PicoClaw Guarded Web Fetch Flow web.go WebFetchTool.Execute server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-15317",
    "datePublished": "2026-07-10T00:00:13.247Z",
    "dateReserved": "2026-07-09T18:07:32.588Z",
    "dateUpdated": "2026-07-14T01:26:30.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15189 (GCVE-0-2026-15189)

Vulnerability from cvelistv5 – Published: 2026-07-09 15:30 – Updated: 2026-07-09 17:43
VLAI
Title
aerostackdev aerostack-mcp mcp-whatsapp upload_media server-side request forgery
Summary
A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
Impacted products
Vendor Product Version
aerostackdev aerostack-mcp Affected: 6315dfde7df0a15aaf743f88d91347115e09ba23
    cpe:2.3:a:aerostackdev:aerostack-mcp:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
skywings (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15189",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-09T17:43:12.399439Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-09T17:43:31.453Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/submit/851437"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/aerostackdev/aerostack-mcp/issues/3"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:aerostackdev:aerostack-mcp:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "mcp-whatsapp"
          ],
          "product": "aerostack-mcp",
          "vendor": "aerostackdev",
          "versions": [
            {
              "status": "affected",
              "version": "6315dfde7df0a15aaf743f88d91347115e09ba23"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "skywings (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-09T15:30:09.679Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-377115 | aerostackdev aerostack-mcp mcp-whatsapp upload_media server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/377115"
        },
        {
          "name": "VDB-377115 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/377115/cti"
        },
        {
          "name": "CVE-2026-15189 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-15189"
        },
        {
          "name": "Submit #851437 | aerostackdev aerostack-mcp Latest Server-Side Request Forgery",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/851437"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/aerostackdev/aerostack-mcp/issues/3"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/aerostackdev/aerostack-mcp/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-09T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-09T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-09T07:26:24.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "aerostackdev aerostack-mcp mcp-whatsapp upload_media server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-15189",
    "datePublished": "2026-07-09T15:30:09.679Z",
    "dateReserved": "2026-07-09T05:21:19.957Z",
    "dateUpdated": "2026-07-09T17:43:31.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15183 (GCVE-0-2026-15183)

Vulnerability from cvelistv5 – Published: 2026-07-14 08:42 – Updated: 2026-07-14 12:21
VLAI
Title
Input Validation Vulnerabilities in Snowflake Spark Connector
Summary
Multiple input validation vulnerabilities in the Snowflake Spark Connector (spark-snowflake) versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector's Snowflake role, or redirect COPY operations to attacker-controlled storage. An attacker could exploit these vulnerabilities by supplying a crafted OAuth token request URL, placing malicious files in an ingestion pipeline, injecting SQL via staging options in a shared Spark environment , or issuing runtime SET commands in a shared Spark-SQL session to inject arbitrary SQL into the SnowflakeFallbackCatalog's option map, which executes under the cluster admin's JDBC credentials. Successful exploitation may result in credential theft, unauthorized access to Snowflake account data, or privilege escalation within connected infrastructure.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
Impacted products
Vendor Product Version
Snowflake Snowflake Spark Connector Affected: 0.1.0 , < 3.2.1 (semver)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15183",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-14T12:21:22.026962Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-14T12:21:40.309Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Snowflake Spark Connector",
          "vendor": "Snowflake",
          "versions": [
            {
              "lessThan": "3.2.1",
              "status": "affected",
              "version": "0.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple input validation vulnerabilities in the Snowflake Spark Connector (spark-snowflake) versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector\u0027s Snowflake role, or redirect COPY operations to attacker-controlled storage. An attacker could exploit these vulnerabilities by supplying a crafted OAuth token request URL, placing malicious files in an ingestion pipeline, injecting SQL via staging options in a shared Spark environment , or issuing runtime SET commands in a shared Spark-SQL session to inject arbitrary SQL into the SnowflakeFallbackCatalog\u0027s option map, which executes under the cluster admin\u0027s JDBC credentials. Successful exploitation may result in credential theft, unauthorized access to Snowflake account data, or privilege escalation within connected infrastructure."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-441",
              "description": "Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
              "lang": "en",
              "type": "CWE"
            },
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T08:42:38.507Z",
        "orgId": "412d305a-227d-44f9-a262-a31ba44f2aea",
        "shortName": "SNOWFLAKE"
      },
      "references": [
        {
          "name": "Snowflake Spark Connector Release Notes",
          "url": "https://docs.snowflake.com/en/release-notes/clients-drivers/spark-connector-2026"
        }
      ],
      "title": "Input Validation Vulnerabilities in Snowflake Spark Connector",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "412d305a-227d-44f9-a262-a31ba44f2aea",
    "assignerShortName": "SNOWFLAKE",
    "cveId": "CVE-2026-15183",
    "datePublished": "2026-07-14T08:42:38.507Z",
    "dateReserved": "2026-07-09T04:58:47.384Z",
    "dateUpdated": "2026-07-14T12:21:40.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-15143 (GCVE-0-2026-15143)

Vulnerability from cvelistv5 – Published: 2026-07-10 15:25 – Updated: 2026-07-10 15:46
VLAI
Title
Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)
Summary
A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
URL Tags
https://access.redhat.com/security/cve/CVE-2026-15143 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2498165 issue-trackingx_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
Date Public
2026-07-10 09:19
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-15143",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T15:42:19.456726Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T15:46:37.212Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-built-in-detector-rhel9",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-guardrails-detector-huggingface-runtime-rhel9",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2026-07-10T09:19:44.546Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-10T15:25:09.017Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-15143"
        },
        {
          "name": "RHBZ#2498165",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2498165"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-26T12:47:42.862Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-07-10T09:19:44.546Z",
          "value": "Made public."
        }
      ],
      "title": "Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:)",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-918: Server-Side Request Forgery (SSRF)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-15143",
    "datePublished": "2026-07-10T15:25:09.017Z",
    "dateReserved": "2026-07-08T17:24:00.555Z",
    "dateUpdated": "2026-07-10T15:46:37.212Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-14748 (GCVE-0-2026-14748)

Vulnerability from cvelistv5 – Published: 2026-07-05 12:15 – Updated: 2026-07-06 19:02
VLAI
Title
AIAnytime Awesome-MCP-Server mcp-wiki/wiki-summary server.py server-side request forgery
Summary
A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcp_wiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side request forgery. The attack may be initiated remotely. The exploit has been published and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-918 - Server-Side Request Forgery
Assigner
References
Impacted products
Vendor Product Version
AIAnytime Awesome-MCP-Server Affected: a884bb51bcd99e08e14fd712c749d55d9d9a13ab
    cpe:2.3:a:aianytime:awesome-mcp-server:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
skywings (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-14748",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-06T19:02:26.606084Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-06T19:02:36.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/submit/849289"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/submit/849300"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/AIAnytime/Awesome-MCP-Server/issues/34"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:aianytime:awesome-mcp-server:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "mcp-wiki/wiki-summary"
          ],
          "product": "Awesome-MCP-Server",
          "vendor": "AIAnytime",
          "versions": [
            {
              "status": "affected",
              "version": "a884bb51bcd99e08e14fd712c749d55d9d9a13ab"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "skywings (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcp_wiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side request forgery. The attack may be initiated remotely. The exploit has been published and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "Server-Side Request Forgery",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-05T12:15:08.047Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-376334 | AIAnytime Awesome-MCP-Server mcp-wiki/wiki-summary server.py server-side request forgery",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/376334"
        },
        {
          "name": "VDB-376334 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/376334/cti"
        },
        {
          "name": "CVE-2026-14748 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-14748"
        },
        {
          "name": "Submit #849289 | AIAnytime Awesome-MCP-Server Latest Server-Side Request Forgery",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/849289"
        },
        {
          "name": "Submit #849300 | AIAnytime Awesome-MCP-Server Latest Server-Side Request Forgery (Duplicate)",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/849300"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/AIAnytime/Awesome-MCP-Server/issues/34"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/AIAnytime/Awesome-MCP-Server/issues/35"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/AIAnytime/Awesome-MCP-Server/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-04T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-04T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-04T15:10:19.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "AIAnytime Awesome-MCP-Server mcp-wiki/wiki-summary server.py server-side request forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-14748",
    "datePublished": "2026-07-05T12:15:08.047Z",
    "dateReserved": "2026-07-04T13:05:15.145Z",
    "dateUpdated": "2026-07-06T19:02:36.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

No mitigation information available for this CWE.

CAPEC-664: Server Side Request Forgery

An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.