Fushuling

Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a server-side request forgery (SSRF) attack. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18.

**Name of the Vulnerable Software and Affected Versions** local-deep-research versions prior to 1.6.10 **Description** A logical flaw in the URL checking logic allows attackers to bypass security filters, leading to Server-Side Request Forgery (SSRF). The software uses the `validate url` function to perform security checks on the host portion of a URL extracted by `urlparse`. However, a discrepancy exists between how `urlparse` and the `requests` library parse URLs. For example, in the `safe get()` function, `validate url` may identify a URL as pointing to a public IP, while `requests.get` interprets the same URL as pointing to an internal address. This occurs because `urlparse` may treat certain characters, such as backslashes, as regular characters, whereas `requests` may treat them as path characters, allowing an attacker to redirect requests to internal network resources. **Recommendations** Upgrade to version 1.6.10 or later.

**Name of the Vulnerable Software and Affected Versions** Speakr versions prior to 0.8.20-alpha **Description** Speakr is a self-hosted web application for transcribing audio recordings. The `is safe url()` helper function, used to validate post-login redirect targets, incorrectly applies `urljoin(request.host url, target)` before parsing, while the controller passes the raw target to the `redirect()` function. This allows a scheme-relative input, such as `////evil.com`, to be validated as a same-host URL but interpreted by the browser as a network-path-relative redirect to an external attacker-controlled host via the Location header. **Recommendations** Update to version 0.8.20-alpha.

**Name of the Vulnerable Software and Affected Versions** MaxKB versions prior to 2.8.1 **Description** An issue exists in the OSS file service URL fetch endpoint "chat/api/oss/get url" where inconsistent URL parsing between the `urlparse` validation function and the `requests` HTTP client allows for a server-side request forgery (SSRF) bypass. This enables attackers to access internal network services. **Recommendations** Update to version 2.8.1.

**Name of the Vulnerable Software and Affected Versions** Bugsink versions prior to 2.1.3 **Description** A mismatch in URL parsing allows the bypass of webhook URL validation. The system used Python's `urllib.parse.urlparse` for validation but `requests.post` to send the request. For malformed inputs containing backslashes and @, these components may disagree on the target hostname. This allows a URL to appear as an allowlisted public hostname during validation while the HTTP client connects to a different host, such as loopback, private, or non-allowlisted destinations. This results in a Server-Side Request Forgery (SSRF), where the server is induced to make an unintended outbound HTTP POST request. **Recommendations** Update to version 2.1.3. Restrict permissions for users who can configure or modify webhook URLs. Review existing webhook configurations for malformed or unusual URLs. Implement a tightly controlled outbound network policy at the deployment level.

**Name of the Vulnerable Software and Affected Versions** Amazon Redshift JDBC Driver versions prior to 2.2.2 **Description** An issue allows the driver to load and execute arbitrary classes when processing JDBC connection URL parameters. An actor capable of influencing the connection URL could potentially execute code within the application context, provided a suitable class exists on the application's classpath. **Recommendations** Upgrade to version 2.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** PraisonAI versions prior to 1.6.32 **Description** A logical flaw in the URL checking logic allows attackers to bypass security filters, leading to Server-Side Request Forgery (SSRF). The system uses the ` validate url()` function to perform security checks on the host portion of a URL extracted by `urlparse()`. However, a discrepancy exists between how `urlparse()` and the `requests` library parse certain URLs. For example, in a URL like `http://127.0.0.1:6666@1.1.1.1`, `urlparse()` identifies the hostname as `1.1.1.1` (a public address), while `requests` interprets it as `127.0.0.1` (an internal address). This inconsistency allows requests to be routed to internal network addresses despite passing the initial validation. **Recommendations** Update to version 1.6.32.

Name of the Vulnerable Software and Affected Versions vLLM versions 0.16.0 through 0.18.99 Description vLLM, an inference and serving engine for large language models, contains a server-side request forgery (SSRF) flaw in the `download bytes from url` function. This allows an attacker who can control the batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. The vulnerability resides in the `run batch.py` file, specifically within the `download bytes from url` function, which directly calls `session.get(url)` on a URL provided in the batch input JSON. The `file url` parameter within `BatchTranscriptionRequest` and `BatchTranslationRequest` is vulnerable, as it lacks domain, IP, or port restrictions. This can be exploited to target internal services reachable from the vLLM host. Recommendations Update to vLLM version 0.19.0 or later.

Name of the Vulnerable Software and Affected Versions JupyterHub versions prior to 5.4.4 Description A flaw in JupyterHub allows attackers to create links that redirect users to a JupyterHub login page, and then to an attacker-controlled site instead of a legitimate JupyterHub page. This bypasses JupyterHub's security checks. Recommendations Upgrade to JupyterHub version 5.4.4.

OpenClaw before 2026.3.22 contains a path traversal vulnerability in Windows media loaders that accepts remote-host file URLs and UNC-style paths before local-path validation. Attackers can exploit this by providing network-hosted file targets that are treated as local content, bypassing intended access restrictions.

**Name of the Vulnerable Software and Affected Versions** DataEase versions 2.10.19 and below **Description** DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below exhibit inconsistent locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses `String.toUpperCase()` without specifying an explicit locale, relying on the JVM's default runtime locale for security checks, while H2 JDBC normalizes URLs using `Locale.ENGLISH`. In Turkish locale environments (tr TR), Java converts the lowercase letter 'i' to 'İ' (dotted capital I) instead of 'I', allowing a malicious parameter like `iNIT` to bypass DataEase's blacklist while H2 correctly interprets it as `INIT`. This discrepancy enables attackers to smuggle dangerous JDBC parameters past DataEase's security validation. The issue has been confirmed as exploitable in real-world DataEase deployments running under affected regional settings. **Recommendations** Update DataEase to version 2.10.20 or later.

**Name of the Vulnerable Software and Affected Versions** Dataease versions prior to 2.10.20 **Description** Dataease is an open source data visualization analysis tool. Prior to version 2.10.20, controlling the `IniFile` parameter allows an attacker to force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code execution. The vulnerability resides in the `getJdbcIniFile` method, which aggressively searches for a configuration file named `rsjdbc.ini` if not explicitly restricted. Within a JDBC URL context, users can specify the configuration file via URL parameters, enabling the loading of arbitrary files on the server as JDBC configuration files. The `IniFile` parameter within the Redshift JDBC driver properties is explicitly supported and used to load external configuration files. **Recommendations** Versions prior to 2.10.20 should be updated to version 2.10.20 or later.

**Name of the Vulnerable Software and Affected Versions** snowflakedb snowflake-jdbc versions up to 4.0.1 **Description** A weakness exists in the `SdkProxyRoutePlanner` function within the `JDBC URL Handler` component of snowflakedb snowflake-jdbc. Manipulation of the `nonProxyHosts` argument can lead to inefficient regular expression complexity. This issue is locally exploitable and the exploit has been publicly released. The vulnerable code is located in the file src/main/java/net/snowflake/client/internal/core/SdkProxyRoutePlanner.java. **Recommendations** Apply patch 5fb0a8a318a2ed87f4022a1f56e742424ba94052.

**Name of the Vulnerable Software and Affected Versions** lintsinghua DeepAudit versions up to 3.0.3 **Description** A server-side request forgery condition exists in the IP Address Handler component of lintsinghua DeepAudit. The issue is related to unknown processing within the file `backend/app/api/v1/endpoints/embedding config.py`. Successful exploitation allows for remote initiation of the attack. The affected API endpoint is `/api/v1/endpoints/embedding config`. **Recommendations** Upgrade to version 3.0.4 or 3.1.0.

**Name of the Vulnerable Software and Affected Versions** MindsDB versions up to 25.14.1 **Description** A security issue exists in MindsDB related to server-side request forgery. This occurs through manipulation of the `clear filename` function within the `mindsdb/utilities/security.py` file, specifically in the File Upload component. The issue is exploitable remotely and has been publicly disclosed. **Recommendations** Apply the patch with identifier 74d6f0fd4b630218519a700fbee1c05c7fd4b1ed to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** jeecgboot jeewx-boot versions prior to 641ab52c3e1845fec39996d7794c33fb40dad1dd **Description** A security flaw exists in jeecgboot jeewx-boot. Manipulation of the `imgurl` argument in the `getImgUrl` function within the WxActGoldeneggsPrizesController.java file can lead to path traversal. Remote exploitation is possible, and an exploit has been publicly released. The issue's initial fix can be bypassed with additional encoding. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.12 Description: DataEase is an open-source business intelligence and data visualization tool. Prior to version 2.10.12, a H2 JDBC Remote Code Execution (RCE) bypass exists. If the JDBC URL meets specific criteria, the `getJdbcUrl` method returns the `JdbcUrl` parameter, bypassing H2’s filtering logic and allowing the specification of the H2 driver for the JDBC connection via `"driver":"org.h2.Driver"`. Recommendations: Update DataEase to version 2.10.12 or later.

Name of the Vulnerable Software and Affected Versions: WinterChenS my-site (affected versions not specified) Description: A vulnerability exists in the `preHandle` function of the `/admin/` file within the Backend Interface component. Manipulation of the `uri` argument results in improper authentication. The attack can be initiated remotely. The exploit has been disclosed publicly. The existence of this vulnerability is currently doubted. The product utilizes a rolling release model, and therefore, specific version details for affected or updated releases are unavailable. The code maintainer reported that accessing the vulnerable link automatically redirects to the login page. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: 猫宁i Morning (affected versions not specified) Description: A critical path traversal issue exists in the Shiro Configuration component of 猫宁i Morning. The issue affects an unknown function within the `/index` file. This allows for remote exploitation. The exploit has been publicly disclosed. The product utilizes a rolling release model, and specific version details for affected or updated releases are unavailable. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562 Description: A critical issue exists in wangzhixuan spring-shiro-training. The vulnerability is due to command injection in the `/role/add` file. This allows for remote attacks. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.