CVE-2025-41116

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

CVE-2025-41116

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

CVE-2025-41116

CVE-2025-41116 affects Grafana Databricks Datasource Plugin. When Oauth passthrough is enabled and multiple users share a single Grafana instance/datasource, the wrong user identifier can be used, potentially returning data the viewer is not authorized to see. Affected versions: 1.6.0 up to, but ...

CVE-2025-41116 Incorrect oauth passthrough in Grafana Snowflake Datasource

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

CVE-2025-41116 Incorrect oauth passthrough in Grafana Databricks Datasource

When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...

CVE-2025-41116

Grafana is an open-source platform for monitoring and observability. The Grafana-Databricks-Datasource is a plugin allowing Grafana to visualize data from Databricks Enterprise Versions between 1.6.0 and 1.12.0 are vulnerable to a bug when Oauth passthrough is enabled, and multiple users are usin...

PT-2025-46532

Name of the Vulnerable Software and Affected Versions Grafana Databricks Datasource Plugin versions 1.12.1 through 1.12.0 Description The Grafana Databricks Datasource Plugin has an issue where, with Oauth passthrough enabled, multiple users sharing a single Grafana instance and datasource may...

Grafana Databricks Datasource Plugin 安全漏洞

Grafana Databricks Datasource Plugin is an open source datasource connection plugin for Grafana. A security vulnerability exists in Grafana Databricks Datasource Plugin version 1.12.1 through versions prior to 1.12.0, which stems from the incorrect use of user identifiers when Oauth passthrough i...

ai.catboost:catboost-spark_3.5_2.13 (>=1.2.3 <=1.2.10), ch.cern.sparkmeasure:spark-measure_2.13 (=0.24) +136 more potentially affected by CVE-2025-55039 via org.apache.spark:spark-network-common_2.13 (>=3.5.0 <=3.5.1)

org.apache.spark:spark-network-common2.13 MAVEN version =3.5.0, =1.2.3, =4.43.0, =3.5.0, =3.5.00.20.1, =3.5.0, =2.0.4, =2.1.6-spark-3.5.1, =2.1.6-spark-3.5.1, =1.1.1, =1.1.3 and more Source cves: CVE-2025-55039 Source advisory: OSV:GHSA-6P6V-M64V-JX8Q...

beam-pyspark-runner (>=0.0.1 <=0.0.3), brel-xbrl (=0.8.2a1) +53 more potentially affected by CVE-2025-55039 via pyspark (>=3.5.0 <=3.5.1)

pyspark PYPI version =3.5.0, =0.0.1, =1.3.2, =0.13.0, =0.0.1, =1.2.17, =0.0.0, =5.0.0, =0.0.3, =1.1.0 - hari-data =0.1.5 - hermione-databricks =1.0.1 and more Source cves: CVE-2025-55039 Source advisory: OSV:GHSA-6P6V-M64V-JX8Q...

ai.catboost:catboost-spark_3.5_2.13 (>=1.2.3 <=1.2.10), ch.cern.sparkmeasure:spark-measure_2.13 (=0.24) +136 more potentially affected by CVE-2025-55039 via org.apache.spark:spark-network-common_2.13 (>=3.5.0 <=3.5.1)

org.apache.spark:spark-network-common2.13 MAVEN version =3.5.0, =1.2.3, =4.43.0, =3.5.0, =3.5.00.20.1, =3.5.0, =2.0.4, =2.1.6-spark-3.5.1, =2.1.6-spark-3.5.1, =1.1.1, =1.1.3 and more Source cves: CVE-2025-55039 Source advisory: SNYK:JAVA-ORGAPACHESPARK-13553869...

EUVD-2024-3598

Malicious code in bioql PyPI...

EUVD-2025-25589

Malicious code in bioql PyPI...

CVE-2025-53763

Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-53763

Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-53763 Azure Databricks Elevation of Privilege Vulnerability

...

CVE-2025-53763 Azure Databricks Elevation of Privilege Vulnerability

...

CVE-2025-53763

The CVE-2025-53763 entry concerns Azure Databricks with an improper access control issue that can allow an unauthenticated, network-based attacker to elevate privileges. Affected component is Azure Databricks (per multiple sources), with root cause described as access control misconfiguration ena...

Azure Databricks Elevation of Privilege Vulnerability

Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network...

PT-2025-34292 · Microsoft · Azure Databricks

Name of the Vulnerable Software and Affected Versions: Azure Databricks affected versions not specified Description: Improper access control in Azure Databricks can allow an unauthorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no information about a...