CVE-2026-0560 Scanner

CVE-2026-0560 Scanner - Server-Side Request Forgery vulnerability in LolLMS

Short Info

Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 17 days 17 hours
Scan only one: Domain, Subdomain, IPv4

LolLMS is a software framework used for designing and deploying machine learning models. Developed by the ParisNeo group, it simplifies the machine learning lifecycle by providing an integrated suite of tools for data processing, model training, evaluation, and deployment. Organizations, especially those in research and analytics, leverage LolLMS to enhance machine learning efficiency and output. The software is commonly implemented in environments where rapid and iterative development is necessary. Its user-friendly interface and scalable architecture make it accessible to both novice and expert engineers. As a critical component in AI-driven projects, maintaining its security is paramount for safeguarding data and systems.

Server-Side Request Forgery (SSRF) is a vulnerability that lets an attacker make the vulnerable server issue requests to locations it was never meant to reach. It arises when a server fetches user-supplied URLs or endpoints without validating them and without restricting where the resulting request may go. SSRF can expose sensitive information and grant unauthorized access to local network resources. Attackers use SSRF to bypass firewall restrictions and reach internal systems or cloud metadata services. The consequences range from service disruption to full system compromise. Preventing SSRF requires careful validation of the supplied URL and strict controls on the destinations the server is allowed to contact.

The SSRF vulnerability in LolLMS affects versions prior to 2.2.0, specifically the '/api/files/export-content' endpoint. The endpoint processes Markdown image URLs via the '_download_image_to_temp()' function in 'backend/routers/files.py'. Because the URL is not validated, an unauthenticated user can supply an arbitrary URL, and the server fetches it. This lets attackers reach internal network services or sensitive cloud metadata, enabling information disclosure, port scanning, or potentially remote code execution. Validating the URLs accepted by the endpoint and updating to version 2.2.0 mitigates the flaw.
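As an added example (not LolLMS's own code), the following shows the kind of destination check a defender would put in front of an image-fetching helper like the one described above: it pulls image URLs out of Markdown, then rejects non-HTTP schemes, embedded credentials and any host that resolves to a loopback, private, link-local (cloud metadata) or otherwise non-public address. The function names and the injectable resolver are assumptions made for this example.

```python
import ipaddress
import re
import socket
from urllib.parse import urlparse

# Markdown inline image syntax: ![alt](url)
_IMAGE_RE = re.compile(r"!\[[^\]]*\]\(\s*([^)\s]+)")


def extract_image_urls(markdown: str) -> list[str]:
    """Return every URL used in a Markdown inline image."""
    return _IMAGE_RE.findall(markdown)


def _default_resolver(host: str) -> list[str]:
    """Resolve a hostname (or IP literal) to all of its addresses."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_safe_image_url(url: str, resolver=_default_resolver) -> tuple[bool, str]:
    """Decide whether the server may fetch this URL; returns (allowed, reason)."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"  # blocks file://, gopher://, etc.
    if parts.username or parts.password:
        return False, "credentials in URL"
    host = parts.hostname
    if not host:
        return False, "missing host"
    try:
        addrs = resolver(host)
    except (socket.gaierror, OSError, KeyError):
        return False, "unresolvable host"
    if not addrs:
        return False, "unresolvable host"
    # Every resolved address must be public; one internal answer is enough to refuse.
    for addr in addrs:
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            return False, f"bad address {addr}"
        # Unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) so it is judged as IPv4.
        if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
            ip = ip.ipv4_mapped
        # is_global is False for loopback, RFC 1918, link-local (169.254.0.0/16), etc.
        if not ip.is_global:
            return False, f"non-public address {addr}"
    return True, "ok"
```

Resolving and then fetching is still two steps, so the fetch should connect to the address that was checked (or re-check on every redirect) rather than resolving the hostname a second time.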

When exploited, the SSRF vulnerability can have severe impacts on the affected network and applications. Attackers could use the unauthorized access to internal services to cause data breaches or network disruptions, and sensitive information held in cloud services could be harvested. This access may also enable unauthorized actions in network segments normally shielded from external exposure. In severe cases, exploitation might result in command execution, compromising system integrity and confidentiality. Organizations must prioritize securing such endpoints to protect against these consequences.
