SSRF
appsec.fyi
Hugo | DevOps | Cybersecurity : #CVE-2026-12975 - #SSRF in #Apicurio Registry. No auth needed by default. Malicious #XML triggers blind SSRF or #DoS via entity expansion. #CVSS 8.5. Patch unknown - restrict access now. #CVEAlert #infosec #CyberSecurity #cybersecuritytips More detailed info:
2026-06-26
CISA Warns of Cisco Unified CM Vulnerability Exploited in Attacks
2026-06-26
CISA Warns Actively Exploited Cisco Unified Communications Manager SSRF Vulnerabilities
2026-06-26
Vulert: CVE-2026-55791: Critical Craft CMS vulnerability may expose apps to SSRF and JavaScript injection. Risk: unauthorized internal/external requests injection abuse. Update to the latest patched version now. #CraftCMS #SSRF #WebSecurity #Vulert
2026-06-26
ihavebeenpwned: Spent 3 days chaining an SSRF. Confirmed OOB built a redirect server through Serveo got their client to follow 302s all the way to cloud metadata. IAM credentials territory. Duplicate. Someone found it a month ago. #bugbounty #ssrf
2026-06-26
More SSRF →