CVE•Published 2026-03-29•1 article on news•5 live references•NVD data

CVE-2026-0560

Vulnerability data via CVEDB (Shodan)

CVSS v3.1

7.5

HIGH

EPSS percentile

Exploit Prediction Scoring System · top 25% of all CVEs

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution.

Timeline

Published 2026-03-29

External references

NVD MITRE Exploit-DB Sploitus VulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts

vuln:CVE-2026-0560

Hosts Shodan has explicitly fingerprinted as vulnerable.

Shodan · product

product:"Lollms Lollms"

All exposed Lollms Lollms instances — cross-reference with the CVE's affected-version range.

Shodan · banner/body mention

http.html:"Lollms"

HTTP body or banner mentions "Lollms" — catches deploys Shodan didn't identify as a product.

More intel sources (5)

Shodan report

vuln:CVE-2026-0560