CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

4.3CVSS6.3AI score0.00038EPSS

Exploits0References7

EUVD•added 2026/01/15 1:10 p.m.•2 views

EUVD-2026-2826

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...

7.6CVSS5.9AI score0.00046EPSS

Exploits0References7

OSV•added 2026/01/15 12:53 p.m.•4 views

CGA-MVCJ-PC68-76CM

Bulletin has no description...

8.2CVSS6.7AI score0.00021EPSS

Exploits0

EUVD•added 2026/01/15 6:31 a.m.•3 views

EUVD-2026-2834

Not used...

6.4AI score

Exploits0References1

EUVD•added 2026/01/15 6:31 a.m.•2 views

EUVD-2026-2836

Not used...

6.4AI score

Exploits0References1

EUVD•added 2026/01/15 6:31 a.m.•2 views

EUVD-2026-2833

Not used...

6.4AI score

Exploits0References1

EUVD•added 2026/01/14 6:38 p.m.•3 views

EUVD-2026-2442

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Drupal Flag allows Cross-Site Scripting XSS.This issue affects Flag: from 7.X-3.0 through 7.X-3.9...

4.8CVSS5.3AI score0.00052EPSS

Exploits1References3

EUVD•added 2026/01/14 4:17 p.m.•3 views

EUVD-2026-2459

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS7.8AI score0.00132EPSS

Exploits0References2

EUVD•added 2026/01/14 3:7 p.m.•2 views

EUVD-2026-2480

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the...

5.8AI score0.00023EPSS

Exploits0References5

EUVD•added 2026/01/14 3:7 p.m.•3 views

EUVD-2026-2468

In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drmkmshelperpollfini and drmatomichelpershutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...

6.1AI score0.00022EPSS

Exploits0References4

EUVD•added 2026/01/14 3:7 p.m.•2 views

EUVD-2026-2473

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...

6AI score0.00023EPSS

Exploits0References6

EUVD•added 2026/01/14 3:7 p.m.•2 views

EUVD-2026-2485

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

5.9AI score0.00023EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by