CVE-2025-55150 – Stirling-PDF SSRF Vulnerability

August 11, 2025

CVE ID : CVE-2025-55150

Published : Aug. 11, 2025, 10:15 p.m. | 1 hour, 53 minutes ago

Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.

Severity: 8.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-55012 – Zed Agent Panel Remote Code Execution Permissions Bypass

Next Article CVE-2025-25235 – Omnissa Secure Email Gateway (SEG) SSRF

Highlights

CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-5010

Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago

Description : A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-55150 – Stirling-PDF SSRF Vulnerability

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

GitHub for Beginners: Security best practices with GitHub Copilot

Rilasciato Archinstall 3.0.8: Modifiche Importanti, Correzione di Bug e Nuove Funzionalità

CVE-2025-1950 – IBM Hardware Management Console – Local Command Execution Vulnerability

The 10 Best Managed WordPress Hosting Providers in 2025

CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

CVE-2025-7552 – Dromara Northstar Remote Path Traversal Vulnerability

MSIL/Agent.PYO: Have botnet, will travel

Error’d: Monkey Business

CVE-2025-55150 – Stirling-PDF SSRF Vulnerability

Related Posts