Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-9960
CVE-2025-9960
A restriction bypass vulnerability in is-localhost-ip could allow attackers to perform Server-Side Request Forgery (SSRF). This issue affects is-localhost-ip: 2.0.0.
Published Oct 10, 2025
https://fluidattacks.com/advisories/registrada
CVSS Score
Medium
6.9
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
is-localhost-ip
2.0.0
1-1 of 1
CVE-2025-9960 | Components Impacted | Sonatype Guide | Sonatype Guide
