Vantage6: 2FA can be circumvented with hacked email access

Impact If an attacker hacks into a vantage6 user's email account, they can 1 reset the password via email and then 2 reset the 2FA token via email. This way they reduce 2FA to 1FA email access. Note that most email providers require 2FA to access email, so this issue is not very likely to cause...

CVE-2025-12679

A vulnerability in Brocade SANnav before 2.4.0b prints the Password-Based Encryption PBE key in plaintext in the system audit log file. The vulnerability could allow a remote authenticated attacker with access to the audit logs to access the pbe key. Note: The vulnerability is only triggered duri...

CVE-2025-61943

The vulnerability, if exploited, could allow an authenticated miscreant Process Optimization Standard User to tamper with queries in Captive Historian and achieve code execution under SQL Server administrative privileges, potentially resulting in complete compromise of the SQL Server...

CVE-2026-22640

An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator...

CVE-2026-22640

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-22640

CVE-2026-22640 describes an access control vulnerability in Grafana OSS where an Organization administrator can permanently delete the Server administrator account via the DELETE /api/org/users/ endpoint. The attack requires an existing Organization administrator and either a Server administrator...

CVE-2026-22640

...

EUVD-2026-2799

An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator...

CVE-2026-22640

...

PT-2026-3007

Name of the Vulnerable Software and Affected Versions Grafana OSS affected versions not specified Description An access control issue exists in Grafana OSS that allows an Organization administrator to permanently delete the Server administrator account. This is possible when an Organization...

EUVD-2017-16384

Malware in sbrugna...

EUVD-2012-4880

Malware in sbrugna...

EUVD-2021-0123

Malware in sbrugna...

EUVD-2012-6127

Malware in sbrugna...

EUVD-2019-13358

Malware in sbrugna...

EUVD-2001-1203

Malware in sbrugna...

EUVD-2025-21760

Malicious code in bioql PyPI...

EUVD-2021-8785

Malicious code in bioql PyPI...

EUVD-2023-47500

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-3580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. Thi...