SSRF is a vulnerability tracked across 19 threat clusters and 20 intelligence report mentions on ThreatCluster. First observed November 10, 2025; most recent activity June 29, 2026.
BeyondTrust has issued a warning regarding a critical remote code execution (RCE) vulnerability in its Remote Support and Privileged Remote Access software. The flaw, tracked as CVE-2026-1731, allows unauthenticated…
A critical remote code execution vulnerability (CVE-2025-34299) has been identified in Monsta FTP, a web-based file transfer client, allowing unauthenticated attackers to execute arbitrary code on affected systems. The…
A security researcher identified multiple vulnerabilities in Forgejo, a software platform used by Fedora, including SSRF, cryptographic issues, and authentication flaws. The researcher was able to chain these…
A remote code execution vulnerability, CVE-2025-34299, has been identified in Monsta FTP, affecting versions 2.11 and earlier. This flaw allows unauthenticated users to upload arbitrary files, enabling attackers to…
Snyk conducted 300 vulnerability scans to evaluate the repeatability of LLM security reviews on identical code and prompts. The results showed that while reference-matched findings were stable, extra-model reports…
Two vulnerabilities in the open-source AI framework Chainlit expose major enterprises' cloud environments to potential data leaks and full takeover. According to Zafran, these flaws allow attackers to read arbitrary…
CISA has added a critical server-side request forgery (SSRF) vulnerability in GitLab Community and Enterprise editions, tracked as CVE-2021-39935, to its Known Exploited Vulnerabilities catalog. This vulnerability is…
Multiple vulnerabilities in Kibana have been identified, allowing attackers to execute Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks. These vulnerabilities could potentially expose sensitive…
On March 6, 2026, OpenAI announced the launch of Codex Security, a sophisticated application security tool designed to identify software vulnerabilities, available for select ChatGPT users. Concurrently, OpenAnt, an…
Fortinet disclosed a Server-Side Request Forgery (SSRF) vulnerability in its FortiSandbox appliance on January 13, 2026. The vulnerability, tracked as CVE-2025-67685, allows authenticated attackers to craft HTTP…