Skip to content
The Nexus
DossierENTITY

Server-Side Request Forgery

Coverage of Server-Side Request Forgery in the Nexus archive.

Earliest in view: Apr 24 · 07:24 UTCMost recent: Jun 4 · 16:55 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 4 · 16:55 UTCTHE HACKER NEWS
    Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

    Cisco has patched a server-side request forgery vulnerability (CVE-2026-20230) in Unified Communications Manager, allowing unauthenticated attackers to write files and escalate to root. Proof-of-concept exploit code is now public, though Cisco's PSIRT reports no observed attacks yet.

  • SECURITYApr 24 · 07:24 UTCTHE HACKER NEWS
    LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

    A high-severity SSRF vulnerability (CVE-2026-33626) in LMDeploy, an open-source LLM deployment toolkit, was actively exploited in the wild within 13 hours of disclosure. The flaw, rated CVSS 7.5, allows attackers to access sensitive data via server-side request forgery.

Server-Side Request Forgery · Dossier · The Nexus