CVE MEDIUM CVE-2025-67743

Local Deep Research is Vulnerable to Server-Side Request Forgery (SSRF) in Download Service

CVSS 6.3 local-deep-research
CVE MEDIUM CVE-2026-47390

PraisonAI spider_tools SSRF protection bypass via alternate loopback host encodings

CVSS 5.5 PraisonAI

Flowise: SSRF Protection Bypass via Direct node-fetch / axios Usage (Patch Enforcement Failure

flowise-components

PraisonAI: SpiderTools redirect-target SSRF protection bypass

CVSS 6.5 praisonaiagents
CVE MEDIUM CVE-2026-43979

local-deep-research is Vulnerable to HTML Injection via Unescaped

CVSS 5.0 local-deep-research

LangChain Text Splitters: HTMLHeaderTextSplitter.split_text_from_url SSRF Redirect Bypass

CVSS 6.5 langchain-text-splitters
CVE MEDIUM CVE-2026-35673

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes

CVSS 6.5 openclaw
CVE MEDIUM CVE-2026-46526

local-deep-research has an SSRF bypass in `safe

CVSS 5.0 local-deep-research
CVE MEDIUM CVE-2026-45347

Open WebUI vulnerable to blind server side request forgery (SSRF) via the PDF generate function

CVSS 4.3 open-webui

OpenClaw validates Zalo outbound photo URLs through the SSRF guard

OpenClaw: Browser tabs action select and close routes bypassed SSRF policy

OpenClaw: Browser SSRF policy default allowed private-network navigation

OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes

OpenClaw: SSRF via Unguarded `fetch()` in Marketplace Plugin Download and Ollama Model Discovery

CVE MEDIUM CVE-2025-12058

mode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery (SSRF). This vulnerability stems from the way the StringLookup layer is handled during model loading from

CVE MEDIUM CVE-2026-55414

Unauthenticated form resolver forwards the privileged Objecten-API token to a caller-supplied URL (SSRF

CVSS 5.3 nl.nl-portal:form

OpenClaw: Existing-session browser interaction routes bypassed SSRF policy enforcement

OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding

OpenClaw: Strict browser SSRF bypass in Playwright redirect handling leaves private targets reachable

OpenClaw has Browser SSRF Policy Bypass via Interaction-Triggered Navigation
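
The advisories listed above share three recurring bypass classes: loopback addresses written in forms a naive check does not recognise (PraisonAI "alternate loopback host encodings"), redirects that land on a private target after the first URL passed validation (PraisonAI, LangChain text splitters, OpenClaw Playwright redirect handling), and DNS rebinding (OpenClaw browser hostname validation). The following is an added illustration of a guard that closes all three; it is not code from any project on this page. It assumes a caller-supplied transport callback `do_request(pinned_ip, url)` (a hypothetical interface, not a library API) that connects to the already-validated address, sends the URL's own Host header, does not follow redirects itself, and returns `(status, headers, body)`.

```python
import ipaddress
import re
import socket
from urllib.parse import urljoin, urlparse

# One inet_aton()-style component: hex (0x..), octal (leading 0) or decimal.
_IPV4_PART = re.compile(r"^(?:0x[0-9a-f]+|0[0-7]*|[1-9][0-9]*)$", re.IGNORECASE)


class BlockedTarget(ValueError):
    """The URL or host points at something a server-side fetcher must not reach."""


def canonical_ipv4(host):
    """Parse IPv4 shorthand the way the C resolver does ("127.1", "0x7f.1", "2130706433",
    "017700000001" are all 127.0.0.1). Returns an IPv4Address, or None if not IPv4 shorthand."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(_IPV4_PART.match(p) for p in parts):
        return None
    values = [int(p, 16 if p.lower().startswith("0x") else 8 if len(p) > 1 and p[0] == "0" else 10)
              for p in parts]
    *lead, last = values
    width = 8 * (4 - len(lead))  # the last component fills all remaining bytes
    if any(v > 0xFF for v in lead) or last >= 1 << width:
        return None
    number = last
    for shift, v in enumerate(reversed(lead)):
        number |= v << (width + 8 * shift)
    return ipaddress.IPv4Address(number)


def ip_is_blocked(ip):
    """Loopback, private, link-local (169.254.169.254), multicast, reserved and unspecified
    are off-limits; IPv4 carried inside IPv6 (::ffff:a.b.c.d, 2002::/16) is judged by the inner address."""
    ip = ipaddress.ip_address(ip)
    if ip.version == 6:
        ip = ip.ipv4_mapped or ip.sixtofour or ip
    return (not ip.is_global or ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_host(host):
    """Return every address a connection to `host` could reach, or raise BlockedTarget if any
    of them is blocked: with an attacker-controlled name, one bad record in the answer is enough."""
    host = host.strip().strip("[]").rstrip(".").lower()
    if not host or host == "localhost" or host.endswith(".localhost"):
        raise BlockedTarget(f"refusing host {host!r}")
    literal = canonical_ipv4(host)
    if literal is None:
        try:
            literal = ipaddress.ip_address(host.split("%", 1)[0])  # IPv6 literal, zone id dropped
        except ValueError:
            literal = None
    if literal is not None:
        addrs = [str(literal)]
    else:
        try:
            infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
        except socket.gaierror as exc:
            raise BlockedTarget(f"cannot resolve {host!r}: {exc}") from exc
        addrs = sorted({info[4][0].split("%", 1)[0] for info in infos})
    bad = [a for a in addrs if ip_is_blocked(a)]
    if bad:
        raise BlockedTarget(f"{host!r} resolves to blocked address(es) {bad}")
    return addrs


def host_allowed(host):
    try:
        return bool(check_host(host))
    except BlockedTarget:
        return False


def guarded_fetch(url, do_request, max_redirects=5):
    """Follow redirects by hand so every hop is validated before it is contacted.
    `do_request(pinned_ip, url)` is an assumed caller-supplied transport (not a library API):
    it connects to pinned_ip with the URL's own Host header, never follows redirects itself,
    and returns (status, headers, body). Reusing the validated address defeats DNS rebinding."""
    hops = []
    for _ in range(max_redirects + 1):
        parts = urlparse(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            raise BlockedTarget(f"refusing URL {url!r}")
        pinned_ip = check_host(parts.hostname)[0]
        hops.append((url, pinned_ip))
        status, headers, body = do_request(pinned_ip, url)
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)  # relative Location resolves against this hop
            continue
        return status, body, hops
    raise BlockedTarget(f"more than {max_redirects} redirects from {hops[0][0]!r}")
```

Two design points matter in practice. First, the guard canonicalises IPv4 shorthand with the same grammar the OS resolver uses instead of rejecting it as "not an IP", because a string that `ipaddress` refuses is exactly what a later `fetch()` or `requests.get()` will happily hand to `getaddrinfo()` as 127.0.0.1. Second, the transport must connect to the address that was validated; letting the HTTP client resolve the name a second time reopens the rebinding window that the OpenClaw advisory above describes.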
