885 matches found
EUVD-2026-31795
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314
CVE-2026-3314 describes a missing password masking vulnerability in Hitachi Ops Center Analyzer (detail view and probe modules) and Hitachi Ops Center Analyzer viewpoint, plus Hitachi Infrastructure Analytics Advisor (Data Center Analytics, Analytics probe modules). Affected versions: Ops Center ...
CVE-2026-3314
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
Hitachi多款产品 安全漏洞
Hitachi Ops Center Analyzer, among others, are products of Hitachi, Ltd., a Japanese company. Hitachi Ops Center Analyzer is a data center management software. Hitachi Infrastructure Analytics Advisor is an IT operations intelligence platform, including Hitachi data center analysis capabilities...
@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/chart-advisor (>=2.0.0 <=2.1.0-alpha.1) +5 more potentially affected by unknown CVE via @antv/ckb (>=2.0.4 <=2.1.0-alpha.0)
@antv/ckb NPM version =2.0.4, =2.0.0, =2.0.0, =1.2.0-beta.0, =1.0.0-alpha.1, =2.0.0, =2.0.0, =0.0.1, =0.1.0-beta.57 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVCKB-16754938...
@antv/chart-advisor (>=1.0.0 <=1.1.7), @antv/chart-linter (>=1.1.5 <=1.1.6) +3 more potentially affected by unknown CVE via @antv/dw-analyzer (=1.1.5)
@antv/dw-analyzer NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-analyzer and may be impacted: - @antv/chart-advisor =1.0.0, =1.1.5, =1.0.0, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory:...
@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/ava (>=3.0.0 <=3.6.0-alpha.0) +18 more potentially affected by unknown CVE via @antv/color-schema (=0.2.3)
@antv/color-schema NPM version =0.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/color-schema and may be impacted: - @antv/auto-chart =2.0.0, =3.0.0, =3.0.0, =2.0.0, =5.1.5, =0.1.0, =2.0.4, =0.1.7, =1.0.0, =3.4.1-formant, =3.3.2-formant,...
@antv/chart-advisor (>=1.0.0 <=1.1.7), @opd/ava (=1.0.0) +1 more potentially affected by unknown CVE via @antv/knowledge (=1.1.4)
@antv/knowledge NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/knowledge and may be impacted: - @antv/chart-advisor =1.0.0, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVKNOWLEDGE-16754454...
@antv/chart-advisor (>=1.1.4 <=1.1.7), @opd/ava (=1.0.0) +1 more potentially affected by unknown CVE via @antv/dw-util (=1.1.4)
@antv/dw-util NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-util and may be impacted: - @antv/chart-advisor =1.1.4, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDWUTIL-16754899...
@antv/chart-advisor (>=1.0.0 <=1.1.7), @antv/chart-linter (>=1.1.5 <=1.1.6) +3 more potentially affected by unknown CVE via @antv/dw-analyzer (=1.1.5)
@antv/dw-analyzer NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-analyzer and may be impacted: - @antv/chart-advisor =1.0.0, =1.1.5, =1.0.0, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory:...
@antv/auto-chart (>=2.0.0 <=2.0.5-alpha.0), @antv/chart-advisor (>=2.0.4 <=2.0.5-alpha.0) +1 more potentially affected by unknown CVE via @antv/data-samples (=1.0.1)
@antv/data-samples NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/data-samples and may be impacted: - @antv/auto-chart =2.0.0, =2.0.4, =2.0.4, =2.0.5-alpha.0 Source cves: unknown CVE Source advisory:...
@antv/chart-advisor (>=1.0.0 <=1.1.7), @opd/ava (=1.0.0) +1 more potentially affected by unknown CVE via @antv/dw-transform (=1.1.7)
@antv/dw-transform NPM version =1.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-transform and may be impacted: - @antv/chart-advisor =1.0.0, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDWTRANSFORM-16754930...
@antv/chart-advisor (>=1.0.0 <=1.1.7), @opd/ava (=1.0.0) +1 more potentially affected by unknown CVE via @antv/dw-transform (=1.1.7)
@antv/dw-transform NPM version =1.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-transform and may be impacted: - @antv/chart-advisor =1.0.0, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDWTRANSFORM-16755099...
@antv/chart-advisor (>=1.1.4 <=1.1.7), @opd/ava (=1.0.0) +1 more potentially affected by unknown CVE via @antv/dw-util (=1.1.4)
@antv/dw-util NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-util and may be impacted: - @antv/chart-advisor =1.1.4, =1.0.0, =1.0.10 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDWUTIL-16755068...
CVE-2026-41713
A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...
CVE-2026-41713 Prompt Injection via Memory Poisoning in PromptChatMemoryAdvisor
A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns...
Important: Red Hat Security Advisory: General availability of the satellite/iop-advisor-frontend-rhel9 container image
A new satellite/iop-advisor-frontend-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services...
Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty
Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-33151 DESCRIPTION: Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prio...
Spring AI's VectorStoreChatMemoryAdvisor conversation scoping can lead to cross-tenant memory exfiltration
In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input a...