Vulnerability Database

Published: Sep 9, 2025
Updated: Nov 16, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-44594" target="_blank" rel="noopener"> CVE-2025-44594
Severity: Critical
Exploit:

308,379

Total vulnerabilities in the database

halo v2.20.17 and before is vulnerable to server-side request forgery (SSRF) in /apis/uc.api.storage.halo.run/v1alpha1/attachments/-/upload-from-url.

CVSS v3:

CWEs:

Software	From	Fixed in
halo / halo	-	2.20.17.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.