CVE-2026-0560Server-Side Request Forgery in Lollms

CWE-918Server-Side Request Forgery2 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 70.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Parisneo LollmsLollms
Timeline
PublishedMar 29

Description

A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and poten

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5parisneo/parisneo_lollmsunspecified2.2.0
NVDlollms/lollms2.1.0

Patches

Patch: github.com

🔴Vulnerability Details

1
GHSA
GHSA-rqmp-494m-8qgf: A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 22026-03-29