Known Vulnerabilities for Http-client by Symfony
Listed below are 10 of the newest known vulnerabilities associated with "Http-client" by "Symfony".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-63088 json | stoatchat before 0.14.0 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated network-acces... | Not Provided | 2026-07-16 | 2026-07-16 |
| CVE-2026-63086 json | text-generation-inference through 3.3.7 contains a server-side request forgery (SSRF) vulnerability in the OpenAI-compatible ... | Not Provided | 2026-07-16 | 2026-07-16 |
| CVE-2026-62314 json | Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bo... | Not Provided | 2026-07-15 | 2026-07-16 |
| CVE-2026-61451 json | The Grav API plugin (grav-plugin-api) before 1.0.4 does not validate the origin of the client-supplied admin_base_url field i... | Not Provided | 2026-07-15 | 2026-07-15 |
| CVE-2026-61435 json | PraisonAI before 4.6.78 contains an authentication bypass in the Call API agent invocation endpoints (src/praisonai/praisonai... | Not Provided | 2026-07-15 | 2026-07-15 |
| CVE-2026-61427 json | PraisonAI before 4.6.78 exposes the MCP HTTP-stream transport without authentication by default: the CLI --api-key option def... | Not Provided | 2026-07-15 | 2026-07-16 |
| CVE-2026-59939 json | httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTT... | Not Provided | 2026-07-08 | 2026-07-10 |
| CVE-2026-59892 json | OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes inc... | Not Provided | 2026-07-08 | 2026-07-08 |
| CVE-2026-59883 json | Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-num... | Not Provided | 2026-07-08 | 2026-07-09 |
| CVE-2026-59867 json | Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.5, Kiota resolved OpenAPI $ref values by fetching remote ... | Not Provided | 2026-07-16 | 2026-07-16 |