Lucene search
K

8 matches found

OSV
OSV
added 2026/07/08 7:32 p.m.1 views

CVE-2026-59822 LiteLLM: MCP Authentication Bypass via OAuth2 Passthrough Fallback

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key...

8.8CVSS6.1AI score0.00243EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/11/17 7:59 p.m.5 views

CVE-2025-3717

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is n...

2.1CVSS6.8AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/17 7:59 p.m.7 views

CVE-2025-41116

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

2.1CVSS6.8AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 8:17 p.m.14 views

CVE-2025-3717 Incorrect oauth passthrough in Grafana Snowflake Datasource

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

2.1CVSS0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

Grafana Snowflake Datasource Plugin 安全漏洞

Grafana Snowflake Datasource Plugin is an open source database connectivity plugin for Grafana. A security vulnerability exists in Grafana Snowflake Datasource Plugin version 1.5.0 through versions prior to 1.14.1, which stems from an incorrect use of a user identifier when Oauth passthrough is...

2.1CVSS6.3AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.11 views

PT-2025-46531

Name of the Vulnerable Software and Affected Versions Grafana Snowflake Datasource Plugin versions 1.5.0 through 1.14.0 Description The Grafana Snowflake Datasource Plugin contains a flaw where, with Oauth passthrough enabled, concurrent use by multiple users on a single Grafana instance can lead...

2.1CVSS6.4AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.11 views

PT-2025-46532

Name of the Vulnerable Software and Affected Versions Grafana Databricks Datasource Plugin versions 1.12.1 through 1.12.0 Description The Grafana Databricks Datasource Plugin has an issue where, with Oauth passthrough enabled, multiple users sharing a single Grafana instance and datasource may...

2.1CVSS6.4AI score0.00262EPSS
Exploits0References3
Grafana
Grafana
added 2025/11/11 12:0 a.m.14 views

CVE-2025-3717

Grafana is an open-source platform for monitoring and observability. The Grafana-Snowflake-Datasource is a plugin allowing Grafana to visualize data from Snowflake Versions between 1.5.0 and 1.14.0 are vulnerable to a bug when Oauth passthrough is enabled, and multiple users are using the same...

2.1CVSS5.8AI score0.00262EPSS
Exploits0
Rows per page
Query Builder