{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6220", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-13T13:29:41.246Z", "datePublished": "2026-04-13T21:00:14.084Z", "dateUpdated": "2026-04-14T13:45:56.944Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-13T21:00:14.084Z"}, "title": "HummerRisk Video File Download URL ServerService.java ServerService.addServer server-side request forgery", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "Server-Side Request Forgery"}]}], "affected": [{"vendor": "n/a", "product": "HummerRisk", "versions": [{"version": "1.0", "status": "affected"}, {"version": "1.1", "status": "affected"}, {"version": "1.2", "status": "affected"}, {"version": "1.3", "status": "affected"}, {"version": "1.4", "status": "affected"}, {"version": "1.5.0", "status": "affected"}], "modules": ["Video File Download URL Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.8, "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-13T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-13T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-13T15:44:51.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "cccccccti (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/357141", "name": "VDB-357141 | HummerRisk Video File Download URL ServerService.java ServerService.addServer server-side request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/357141/cti", "name": "VDB-357141 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785855", "name": "Submit #785855 | HummerRisk 1.5.0 Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ccccccctiiiiiiii-lab/public_exp/issues/1", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T13:45:48.764703Z", "id": "CVE-2026-6220", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T13:45:56.944Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "HummerRisk Video File Download URL ServerService.java ServerService.addServer server-side request forgery", "credits": [{"lang": "en", "type": "reporter", "value": "cccccccti (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5.8, "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "n/a", "modules": ["Video File Download URL Handler"], "product": "HummerRisk", "versions": [{"status": "affected", "version": "1.0"}, {"status": "affected", "version": "1.1"}, {"status": "affected", "version": "1.2"}, {"status": "affected", "version": "1.3"}, {"status": "affected", "version": "1.4"}, {"status": "affected", "version": "1.5.0"}]}], "timeline": [{"lang": "en", "time": "2026-04-13T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-13T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-13T15:44:51.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/357141", "name": "VDB-357141 | HummerRisk Video File Download URL ServerService.java ServerService.addServer server-side request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/357141/cti", "name": "VDB-357141 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/785855", "name": "Submit #785855 | HummerRisk 1.5.0 Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ccccccctiiiiiiii-lab/public_exp/issues/1", "tags": ["exploit", "issue-tracking"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "Server-Side Request Forgery"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-13T21:00:14.084Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6220", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T13:45:48.764703Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-04-14T13:45:53.434Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-6220", "state": "PUBLISHED", "dateUpdated": "2026-04-13T21:00:14.084Z", "dateReserved": "2026-04-13T13:29:41.246Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-13T21:00:14.084Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6220", "lastModified": "2026-04-13T22:16:30.550", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-13T22:16:30.550", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/ccccccctiiiiiiii-lab/public_exp/issues/1"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/785855"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/357141"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/357141/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.3"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "1.4"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "1.5.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "HummerRisk", "source": "cna", "vendor": "n/a"}, "product": "hummerrisk", "vendor": "hummerrisk"}], "analysis": {"en": {"generated_at": "2026-04-13T22:24:12.126678+00:00", "value": {"mitigation_remediation": ["Check the HummerRisk website or trusted security bulletins for a patch or update that addresses the SSRF issue, and apply it immediately when available.", "If a patch has not yet been released, restrict outbound network traffic from the impacted server to only known trusted endpoints so that any unintended requests cannot reach internal resources.", "Continuously monitor application logs for abnormal outbound requests generated by the ServerService.addServer method, and investigate any suspicious patterns or failures."], "summary": {"action": "Apply patch", "impact": "Server\u2011side request forgery may allow an attacker to cause the HummerRisk service to send arbitrary requests on its behalf, potentially exposing internal resources or exfiltrating data."}, "threat_synthesis": {"affected_systems": "The affected product is HummerRisk\u2019s Video File Download URL Handler component. All installations running version 1.5.0 or earlier are vulnerable. No specific vendors beyond HummerRisk are listed, and the vendor has yet to publish a fix.\n", "description_and_impact": "A flaw exists in the Video File Download URL Handler of HummerRisk up to version 1.5.0, where the ServerService.addServer function accepts a manipulated streamIp argument. This manipulation enables server\u2011side request forgery, allowing an attacker to cause the server to initiate requests to arbitrary destinations without authentication. The vulnerability is publicly exploitable and can be launched remotely.", "risk_and_exploitability": "The CVSS base score of 5.1 indicates a moderate severity. The EPSS score is not available, but the presence of a publicly available exploit and the ability to launch it remotely raise the exploitation likelihood. The vulnerability is not included in the CISA KEV catalog, suggesting limited documented exploitation at this time. The attack vector is inferred to be remote, as the description notes that the attack can be launched remotely and no local user privileges are required.\u00a0"}}}}, "created": "2026-04-14T16:18:05.543428+00:00", "updated": "2026-04-14T16:33:12.406409+00:00", "vendors": ["hummerrisk", "hummerrisk$PRODUCT$hummerrisk"]}