840 matches found
CVE-2026-4332
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed an authenticated user to execute arbitrary JavaScript in the context of other users' browsers due...
CVE-2026-41518
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...
GHSA-298W-VVM4-WW55 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
GHSA-298W-VVM4-WW55 vulnerabilities
Vulnerabilities for packages: wazuh-dashboard-fips, opensearch-dashboards, wazuh-dashboard, opensearch-dashboards-fips...
SUSE-SU-2026:2258-1 Security update for grafana
This update for grafana to version to 11.6.14+security01 fixes the following issues: - Security Fixes: - CVE-2026-34986: Fixed unrecoverable error in JWE decryption that could lead to a denial of service bsc1262950 - CVE-2026-41602: Fixed Integer Overflow or Wraparound vulnerability in Apache...
GHSA-QP7P-654G-CW7P vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
CVE-2026-44458 vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
GHSA-76P7-773F-R4Q5 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
CVE-2026-44459 vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
GHSA-X7HR-W5R2-H6WG vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
GHSA-HM8Q-7F3Q-5F36 vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
CVE-2024-53382 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
CVE-2024-11831 vulnerabilities
Vulnerabilities for packages: opensearch-dashboards...
GHSA-P77W-8QQV-26RM vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
CVE-2026-44457 vulnerabilities
Vulnerabilities for packages: langfuse, opensearch-dashboards...
FreeBSD : Grafana -- Public Dashboards time range restriction on annotations can be bypassed (83cd53f7-58ff-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 83cd53f7-58ff-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-21722 reports: Public dashboards with...
FreeBSD : Grafana -- Public dashboards discloses all direct mode datasources (6b2bf8e9-5900-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6b2bf8e9-5900-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27877 reports: When using public dashboards a...
Malicious code in mcp-dashboards-shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 720dd8595b499c7de37cf7521350fc060292eeea4742de4d8266a9cd7799152c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4296 Malicious code in mcp-dashboards-shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 720dd8595b499c7de37cf7521350fc060292eeea4742de4d8266a9cd7799152c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview mcp-dashboards-shared is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...