Lucene search
K

923 matches found

NVD
NVD
added 4 days ago4 views

CVE-2026-55880

OpenReplay is a self-hosted session replay suite. In 1.27.0 and earlier, three dashboard and note mutation functions ran their SQL without the ownership predicate that their sibling read and edit functions use: notes.delete filtered only on note id and project id, while dashboards.updatewidget an...

7.1CVSS0.00195EPSS
Exploits0References1
Wolfi
Wolfi
added 6 days ago8 views

GHSA-22P9-WV53-3RQ4 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.9AI score
Exploits0
Wolfi
Wolfi
added 6 days ago12 views

CVE-2026-48801 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.9AI score
Exploits0
Chainguard
Chainguard
added 6 days ago11 views

CVE-2024-1899 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.3CVSS6.1AI score0.008EPSS
Exploits1
Chainguard
Chainguard
added 6 days ago7 views

GHSA-RMMH-P597-PPVV vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.9AI score
Exploits0
NVD
NVD
added last week8 views

CVE-2026-28378

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS0.00136EPSS
Exploits0References1
NVD
NVD
added last week9 views

CVE-2026-55647

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable...

5.1CVSS0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added last week26 views

CVE-2026-28378 Cross-Organization Public Dashboard Deletion via Missing Org Isolation

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added last week48 views

CVE-2026-28378

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS5.9AI score0.00136EPSS
Exploits0References2Affected Software2
CVE
CVE
added last week56 views

CVE-2026-28378

The CVE-2026-28378 entry describes a vulnerability in Grafana where the public dashboard deletion endpoint does not enforce organization isolation. An Org Admin in one organization can delete public dashboards belonging to another organization by supplying the target dashboard identifiers. Impact...

3.1CVSS5.9AI score0.00136EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added last week5 views

CVE-2026-55647

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable...

5.1CVSS6AI score0.00269EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.6 views

PT-2026-56258

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The public dashboard deletion endpoint does not enforce organization isolation. This allows an Org Admin from one organization to delete public dashboards...

3.1CVSS6.1AI score0.00136EPSS
Exploits0References7
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.13 views

GHSA-G27C-Q7CP-MHX6 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/03 8:22 p.m.11 views

CVE-2026-9673 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards...

7CVSS6.1AI score0.00166EPSS
Exploits0
Wolfi
Wolfi
added 2026/07/03 8:22 p.m.16 views

GHSA-G27C-Q7CP-MHX6 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/07/03 8:22 p.m.14 views

CVE-2026-9673 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

7CVSS5.9AI score0.00166EPSS
Exploits0
Chainguard
Chainguard
added 2026/07/02 8:22 p.m.14 views

GHSA-FGMJ-FM8M-JVVX vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/07/02 8:22 p.m.14 views

CVE-2026-45249 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, opensearch-dashboards...

6.1CVSS6.1AI score0.00759EPSS
Exploits0
Wolfi
Wolfi
added 2026/07/02 8:21 p.m.17 views

GHSA-FGMJ-FM8M-JVVX vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/07/02 8:21 p.m.13 views

CVE-2026-45249 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

6.1CVSS5.8AI score0.00759EPSS
Exploits0
Rows per page
Query Builder