Description
A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution.
Published: 2026-03-29
Score: 7.5 High
EPSS: 1.9% Low
KEV: No
Impact: Potential data disclosure and remote code execution through internal requests
Action: Apply Patch
AI Analysis

Impact

The vulnerability arises from the absence of validation on user-provided URLs in the `/api/files/export-content` endpoint of parisneo/lollms. An attacker can supply a crafted URL that reaches the internal `_download_image_to_temp` function, forcing the server to issue arbitrary HTTP requests on the attacker's behalf. This can expose sensitive internal services, retrieve cloud instance metadata, enable port scanning, and in some cases lead to remote code execution on the host. The weakness is classified as Server-Side Request Forgery (CWE-918).

Affected Systems

Parisneo’s lollms application, versions earlier than 2.2.0, is affected. The issue is present in the backend routers in the `files.py` module, specifically the `_download_image_to_temp` routine used by the `/api/files/export-content` API endpoint.

Risk and Exploitability

The CVSS v3 score of 7.5 reflects a high potential for impact. The EPSS score is 2%, indicating a low probability of exploitation in the wild at present, and the vulnerability is not listed in the CISA KEV catalog. Nevertheless, because the flaw lets an attacker drive outbound traffic from the vulnerable server, it can serve as a pivot into internal systems, which makes it a significant threat whether the attacker is external or already inside the network. The typical attack vector is a remote HTTP request to the vulnerable endpoint, with the attacker controlling the target URL.

Generated by OpenCVE AI on April 28, 2026 at 16:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade parisneo/lollms to version 2.2.0 or later.
  • Restrict outbound network access from the server hosting lollms, e.g., using a firewall or network segmentation.
  • Implement strict URL validation or a whitelist for the `/api/files/export-content` endpoint to block unexpected external requests.
  • Monitor logs for unusual activity on the `/api/files/export-content` endpoint and for unexpected outbound connections from the application.
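The strict URL validation recommended above (and the check whose absence the Impact section describes) can be implemented as a fail-closed guard in front of the download helper. The following Python is an added illustration, not code from lollms or from this advisory; the function names, the resolver hook, and the sample values `cdn.example` and `93.184.216.34` are assumptions for the example. It rejects non-HTTP schemes and embedded credentials, refuses any host that resolves to a loopback, private, link-local (including the 169.254.169.254 metadata address) or otherwise non-public address, re-validates every redirect target, and bounds the downloaded size:

```python
import ipaddress
import socket
import tempfile
import urllib.request
from urllib.parse import urlsplit

# Assumed names: nothing here comes from lollms. It sketches the guard a helper
# like _download_image_to_temp() would need before fetching a user-supplied URL.

ALLOWED_SCHEMES = {"http", "https"}

# Ranges an application-initiated fetch should never reach. Listed explicitly in
# addition to the ipaddress flags because is_private differs across Python
# versions (for example 100.64.0.0/10 is not flagged on older releases).
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16",   # link-local, where cloud metadata services listen
    "172.16.0.0/12", "192.168.0.0/16", "240.0.0.0/4",
    "::/128", "::1/128", "fc00::/7", "fe80::/10",
)]


class UnsafeURL(ValueError):
    """Raised when the server must not fetch the supplied URL."""


def is_blocked_address(addr) -> bool:
    """True if addr is loopback, private, link-local, or otherwise non-public."""
    # An IPv4 address carried in IPv6 (::ffff:169.254.169.254) is judged as IPv4.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        return is_blocked_address(mapped)
    if (addr.is_loopback or addr.is_link_local or addr.is_private
            or addr.is_multicast or addr.is_reserved or addr.is_unspecified):
        return True
    return any(addr in net for net in BLOCKED_NETWORKS)


def system_resolver(host: str):
    """Resolve through the OS; returns every address the name maps to."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return [ipaddress.ip_address(info[4][0]) for info in infos]


def table_resolver(table):
    """Resolver backed by a fixed {name: [address, ...]} map, for offline tests."""
    def resolve(host):
        if host not in table:
            raise OSError(f"no such host: {host}")
        return [ipaddress.ip_address(a) for a in table[host]]
    return resolve


def validate_outbound_url(url: str, resolver=system_resolver):
    """Return the vetted addresses for url, or raise UnsafeURL.

    Every address the host maps to must be public: a name that resolves to a
    mix of public and internal addresses is rejected, not partially allowed.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise UnsafeURL(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise UnsafeURL("credentials in URL are not allowed")
    host = parts.hostname
    if not host:
        raise UnsafeURL("URL has no host")
    # ipaddress handles well-formed literals. Shorthand forms such as 127.1 do
    # not parse and fall through to the resolver, which (like getaddrinfo)
    # expands them, so they are still checked; an unresolvable host fails closed.
    try:
        addrs = [ipaddress.ip_address(host)]
    except ValueError:
        try:
            addrs = resolver(host)
        except OSError as exc:
            raise UnsafeURL(f"cannot resolve {host!r}") from exc
    if not addrs:
        raise UnsafeURL(f"{host!r} resolved to no addresses")
    for addr in addrs:
        if is_blocked_address(addr):
            raise UnsafeURL(f"{host!r} maps to non-public address {addr}")
    return addrs


def is_safe_outbound_url(url: str, resolver=system_resolver) -> bool:
    """Boolean form of validate_outbound_url, convenient for logging and tests."""
    try:
        validate_outbound_url(url, resolver=resolver)
    except UnsafeURL:
        return False
    return True


class _RevalidatingRedirects(urllib.request.HTTPRedirectHandler):
    """Re-check each redirect target so a public host cannot bounce the fetch inward."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        validate_outbound_url(newurl)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def download_to_temp(url: str, max_bytes: int = 20 * 1024 * 1024, timeout: float = 10.0) -> str:
    """Fetch url into a temp file after validation; returns the file path."""
    validate_outbound_url(url)
    opener = urllib.request.build_opener(_RevalidatingRedirects())
    with opener.open(url, timeout=timeout) as resp, \
            tempfile.NamedTemporaryFile(delete=False) as tmp:
        written = 0
        while True:  # bounded copy so an oversized body cannot fill the disk
            chunk = resp.read(65536)
            if not chunk:
                break
            written += len(chunk)
            if written > max_bytes:
                raise UnsafeURL("response body exceeds max_bytes")
            tmp.write(chunk)
        return tmp.name
```

Two caveats a reviewer would raise on this shape of guard: validation resolves the name once and urllib resolves it again when connecting, so a DNS answer that changes between the two (DNS rebinding) is not closed here; closing it means connecting to the vetted address and sending the original Host header. And where the product can live with one, an allowlist of permitted hosts, as the recommended actions already suggest, is stronger than any denylist of address ranges.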

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

  Type                 Values Removed   Values Added
  First Time appeared                   Lollms; Lollms lollms
  CPEs                                  cpe:2.3:a:lollms:lollms:*:*:*:*:*:*:*:*
  Vendors & Products                    Lollms; Lollms lollms
  Metrics                               cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Mon, 30 Mar 2026 16:15:00 +0000

  Type                 Values Removed   Values Added
  Metrics                               ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 30 Mar 2026 07:15:00 +0000

  Type                 Values Removed   Values Added
  First Time appeared                   Parisneo; Parisneo parisneo/lollms
  Vendors & Products                    Parisneo; Parisneo parisneo/lollms

Sun, 29 Mar 2026 18:15:00 +0000

  Type                 Values Removed   Values Added
  Description                           A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.0, specifically in the `/api/files/export-content` endpoint. The `_download_image_to_temp()` function in `backend/routers/files.py` fails to validate user-controlled URLs, allowing attackers to make arbitrary HTTP requests to internal services and cloud metadata endpoints. This vulnerability can lead to internal network access, cloud metadata access, information disclosure, port scanning, and potentially remote code execution.
  Title                                 Server-Side Request Forgery (SSRF) in parisneo/lollms
  Weaknesses                            CWE-918
  References
  Metrics                               cvssV3_0 {'score': 7.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

MITRE

Status: PUBLISHED

Assigner: @huntr_ai

Published:

Updated: 2026-03-30T15:33:31.963Z

Reserved: 2026-01-01T22:10:15.839Z

Link: CVE-2026-0560

Vulnrichment

Updated: 2026-03-30T15:33:28.026Z

NVD

Status : Analyzed

Published: 2026-03-29T18:16:14.303

Modified: 2026-03-31T19:37:38.187

Link: CVE-2026-0560

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T17:00:13Z

Weaknesses