Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
10 articles

#SSRF

All CosmicBytez Labs articles tagged #SSRF, across news, security advisories, how-to guides, and projects.

  • SecurityMay 20, 2026

    scalar/astro Proxy Endpoint Unauthenticated SSRF

    A critical CVSS 9.8 Server-Side Request Forgery vulnerability in scalar/astro v0.1.13 allows unauthenticated attackers to force the backend server to make...

  • NewsApr 26, 2026

    LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of

    A high-severity SSRF vulnerability in LMDeploy, a widely used open-source LLM deployment toolkit, was actively exploited in the wild less than 13 hours...

  • SecurityApr 26, 2026

    Typecho 1.3.0 Pingback SSRF via X-Pingback Manipulation

    A CVSS 7.3 server-side request forgery vulnerability in Typecho up to 1.3.0 allows attackers to manipulate the X-Pingback/link argument in Service.php to...

  • SecurityApr 24, 2026

    CVE-2026-32210: Microsoft Dynamics 365 Online SSRF Enables

    A critical server-side request forgery vulnerability in Microsoft Dynamics 365 (Online) allows an unauthenticated remote attacker to perform spoofing over...

  • SecurityApr 3, 2026

    CVE-2026-26135: Azure Custom Locations SSRF Enables

    A critical server-side request forgery vulnerability in Azure Custom Locations Resource Provider allows an authorized attacker to elevate privileges over...

  • SecurityApr 1, 2026

    CVE-2026-34162: FastGPT Unauthenticated HTTP Proxy Enables

    A maximum-severity vulnerability in FastGPT AI agent platform exposes an unauthenticated HTTP proxy testing endpoint that accepts arbitrary user-supplied...

  • SecurityMar 29, 2026

    CVE-2026-5016: elecV2P SSRF Vulnerability in URL Handler

    A server-side request forgery vulnerability in elecV2P up to version 3.8.3 allows remote attackers to manipulate the eAxios function via the /mock...

  • SecurityMar 28, 2026

    CVE-2025-12886: Oxygen Theme SSRF Allows Unauthenticated

    A Server-Side Request Forgery vulnerability in the Oxygen Theme plugin for WordPress (all versions up to 6.0.8) enables unauthenticated attackers to make...

  • SecurityMar 18, 2026

    CVE-2026-25534: Spinnaker SSRF via URL Validation Bypass

    A critical SSRF vulnerability (CVSS 9.1) in Spinnaker's clouddriver and orca components bypasses the previous CVE-2025-61916 URL validation patch through...

  • SecurityFeb 5, 2026

    Microsoft Exchange Server SSRF to RCE Chain Actively

    A server-side request forgery vulnerability in Exchange Server is being chained with deserialization flaws for unauthenticated remote code execution....