{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-0560", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "state": "PUBLISHED", "assignerShortName": "@huntr_ai", "dateReserved": "2026-01-01T22:10:15.839Z", "datePublished": "2026-03-29T17:51:20.708Z", "dateUpdated": "2026-03-30T15:33:31.963Z"}, "containers": {"cna": {"title": "Server-Side Request Forgery (SSRF) in parisneo/lollms", "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2026-03-29T17:51:20.708Z"}, "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution."}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms", "versions": [{"version": "unspecified", "lessThan": "2.2.0", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/65e43a5e-b902-4369-b738-1825285a3ea5"}, {"url": "https://github.com/parisneo/lollms/commit/76a54f0df2df8a5b254aa627d487b5dc939a0263"}], "metrics": [{"cvssV3_0": {"version": "3.0", "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "cweId": "CWE-918"}]}], "source": {"advisory": "65e43a5e-b902-4369-b738-1825285a3ea5", "discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T15:33:20.974551Z", "id": "CVE-2026-0560", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T15:33:31.963Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Server-Side Request Forgery (SSRF) in parisneo/lollms", "source": {"advisory": "65e43a5e-b902-4369-b738-1825285a3ea5", "discovery": "EXTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "parisneo", "product": "parisneo/lollms", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "2.2.0", "versionType": "custom"}]}], "references": [{"url": "https://huntr.com/bounties/65e43a5e-b902-4369-b738-1825285a3ea5"}, {"url": "https://github.com/parisneo/lollms/commit/76a54f0df2df8a5b254aa627d487b5dc939a0263"}], "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntr_ai", "dateUpdated": "2026-03-29T17:51:20.708Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-0560", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T15:33:20.974551Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-30T15:33:28.026Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-0560", "state": "PUBLISHED", "dateUpdated": "2026-03-29T17:51:20.708Z", "dateReserved": "2026-01-01T22:10:15.839Z", "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "datePublished": "2026-03-29T17:51:20.708Z", "assignerShortName": "@huntr_ai"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution."}], "id": "CVE-2026-0560", "lastModified": "2026-03-30T13:26:07.647", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security@huntr.dev", "type": "Secondary"}]}, "published": "2026-03-29T18:16:14.303", "references": [{"source": "security@huntr.dev", "url": "https://github.com/parisneo/lollms/commit/76a54f0df2df8a5b254aa627d487b5dc939a0263"}, {"source": "security@huntr.dev", "url": "https://huntr.com/bounties/65e43a5e-b902-4369-b738-1825285a3ea5"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@huntr.dev", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.2.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "parisneo/lollms", "source": "cna", "vendor": "parisneo"}, "product": "parisneo/lollms", "vendor": "parisneo"}], "analysis": {"en": {"generated_at": "2026-03-29T19:20:33.891508+00:00", "value": {"mitigation_remediation": ["Upgrade parisneo/lollms to version 2.2.0 or later."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution (potential) via internal service access"}, "threat_synthesis": {"affected_systems": "The affected vendor is parisneo and the product is lollms. Versions earlier than 2.2.0 are vulnerable.", "description_and_impact": "The vulnerability is a server\u2011side request forgery that occurs in the /api/files/export-content endpoint of parisneo/lollms. The backend function _download_image_to_temp fails to validate user\u2011controlled URLs, which allows an attacker to instruct the server to make arbitrary HTTP requests. This can give the attacker internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution. The weakness is classified as CWE\u2011918.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity. No EPSS value is available, and the vulnerability is not listed in the KEV catalog. Attackers can exploit the flaw by sending crafted requests to the vulnerable endpoint, typically from a web application or API that is accessible to them. Successful exploitation requires the server to have outbound network connectivity, which is common in deployed environments. Given the potential for remote code execution, the risk to affected installations is significant and warrants urgent attention."}}}}, "created": "2026-03-29T20:31:15.602796+00:00", "updated": "2026-03-30T06:58:03.633889+00:00", "vendors": ["parisneo", "parisneo$PRODUCT$parisneo/lollms"]}