Filtered by vendor Portkey.ai
Subscriptions
Filtered by product Gateway
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66405 | 2 Portkey-ai, Portkey.ai | 2 Gateway, Gateway | 2026-02-06 | 9.8 Critical |
| Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0. | ||||
Page 1 of 1.