607 matches found
CVE-2026-28297
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28297 SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28297 SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution...
CVE-2026-28297
CVE-2026-28297 affects SolarWinds Observability Self-Hosted. A stored cross-site scripting vulnerability could lead to unintended script execution. CVSS metrics show a HIGH base score (8.7 from NVD; 6.1 from PSIRT). Exploitation details or fixed versions are not provided in the connected document...
PT-2026-28375
Name of the Vulnerable Software and Affected Versions SolarWinds Observability Self-Hosted affected versions not specified Description The software is subject to a stored cross-site scripting issue. Successful exploitation may result in the execution of unintended scripts. The vulnerability...
SolarWinds Observability Self-Hosted 跨站脚本漏洞
SolarWinds Observability Self-Hosted is an observability platform developed by the American company SolarWinds. SolarWinds Observability Self-Hosted has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting vulnerability. This vulnerability may lead to...
SolarWinds Observability Self-Hosted 跨站脚本漏洞
SolarWinds Observability Self-Hosted is an observability platform developed by the American company SolarWinds. SolarWinds Observability Self-Hosted has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting vulnerability. This vulnerability may lead to...
PT-2026-28374
Name of the Vulnerable Software and Affected Versions SolarWinds Observability Self-Hosted affected versions not specified Description The software is subject to a stored cross-site scripting issue. Successful exploitation may result in unintended script execution. The impact is limited by a...
CVE-2026-23308
A flaw was found in the Linux kernel's pinctrl equilibrium driver. This issue arises from a redundant call to the gpiochipdisableirq function within eqbrirqmask. Consequently, the system generates excessive warning traces in the kernel log during system load. While not directly exploitable for...
Observability for AI Systems: Strengthening visibility for proactive risk detection
Adoption of Generative AI GenAI and agentic AI has accelerated from experimentation into real enterprise deployments. What began with copilots and chat interfaces has quickly evolved into powerful business systems that autonomously interact with sensitive data, call external APIs, connect to...
Observability for AI Systems: Strengthening visibility for proactive risk detection
Adoption of Generative AI GenAI and agentic AI has accelerated from experimentation into real enterprise deployments. What began with copilots and chat interfaces has quickly evolved into powerful business systems that autonomously interact with sensitive data, call external APIs, connect to...
Important: Red Hat Security Advisory: Cluster Observability Operator 1.4.0
The Cluster Observability Operator COO is a Red Hat OpenShift Container Platform Operator that you can deploy to manage observability component stacks by using custom resource descriptions CRDs. The 1.4 release of COO...
Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.313 Vulnerability Details CVEID:CVE-2025-49177 DESCRIPTION: A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a clie...
EUVD-2026-11234
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
CVE-2026-20166
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
CVE-2026-20166 Sensitive Information Disclosure in Discover Splunk Observability Cloud app for Splunk Enterprise
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
CVE-2026-20166
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
CVE-2026-20166
CVE-2026-20166 affects Splunk Enterprise and Splunk Cloud Platform where a low-privilege user (not admin/power) could retrieve the Observability Cloud API access token via the Discover Splunk Observability Cloud app due to improper access control. Affected: Splunk Enterprise < 10.2.1 and < ...
CVE-2026-20166 Sensitive Information Disclosure in Discover Splunk Observability Cloud app for Splunk Enterprise
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover...
Splunk Cloud Platform和Splunk Enterprise 信息泄露漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Vulnerabilities exist in versions of...