1036 matches found
CVE-2026-43575
creationtimestamp| type| source ---|---|--- 2026-05-06 20:43:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kv7aqay2l 2026-05-07 02:03:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mla4rxxyf72p 2026-05-07 18:07:08+00:00| seen|...
CVE-2026-33324
SQLBot’s Text-to-SQL prompt injection vulnerability affects versions 1.7.0 and earlier, where the user’s question is concatenated into the LLM prompt and the resulting SQL is executed without validation. An authenticated attacker can craft a malicious query to coerce the LLM into generating and r...
CVE-2026-42034
creationtimestamp| type| source ---|---|--- 2026-05-05 02:40:29+00:00| seen| https://gist.github.com/alon710/0c5e31af5ca396bb556703780eb15c80 2026-05-07 12:01:30+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb677qhnu2l...
CLSA-2026-1777944610 grafana: Fix of CVE-2026-27877
CVE-2026-27877: fix exposure of direct data-source passwords via public dashboards by limiting frontend settings to data sources actually used by the dashboard - Note: upstream test additions in pkg/api/frontendsettingstest.go are not backported. The %check stage only runs the Jest frontend suite...
Astra Linux – Vulnerability in libdbi-perl
A issue was discovered in the DBI module through version 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically specified via the fdir attribute in the data source name DSN. NOTE: This issue exists due to an incomplete fix for CVE-2014-10401...
Astra Linux – Vulnerability in Jackson-Databind
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource...
MiracleLinux 9 : grafana-10.2.6-20.el9_7 (AXSA:2026-526:11)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-526:11 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
exploit-db-skill
Exploit-DB Skill Cross-Platform Small cross-platform helper...
Exploit for Server-Side Request Forgery in Chamilo Chamilo_Lms
CVE-2026-33715 — Unauthenticated SSRF + Open Email Relay in Ch...
RHEL 9 : grafana (RHSA-2026:11416)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11416 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
RHEL 10 : grafana (RHSA-2026:11417)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11417 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
grafana: Grafana: Information disclosure of data-source passwords via public dashboards
A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
grafana: Grafana: Information disclosure of data-source passwords via public dashboards
A flaw was found in Grafana. When public dashboards are used with direct data-sources, sensitive credentials, specifically passwords for all direct data-sources, are exposed. This information disclosure occurs even when these data-sources are not actively utilized in the dashboards. A remote...
RLSA-2026:10223 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 For more details about the security issues, including the impact, a...
grafana security update
An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor f...
RLSA-2026:10226 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 For more details about the security issues, including the impact, a...
grafana security update
An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...
RockyLinux 9 : grafana (RLSA-2026:10226)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:10226 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...