Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
GitHub

Server-Side Request Forgery (SSRF) in vriteio/vrite

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Threat Post

SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds. A server-side ...
GitHub

Server-Side Request Forgery in calibreweb

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
Cyber Wire

OWASP server-side request forgery (noun)

Rick Howard: The word is: OWASP server-side request forgery. Rick Howard: Spelled: O for open, W for web, A for application, S for security, P for project, server-side for the application that runs on ...