437 matches found
CVE-2026-48526 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
GHSA-FHV5-28VV-H8M8 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
GHSA-W7VC-732C-9M39 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
GHSA-XGMM-8J9V-C9WX vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
GHSA-993G-76C3-P5M4 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
GHSA-JQ35-7PRP-9V3F vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
CVE-2026-48524 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
CVE-2026-48522 vulnerabilities
Vulnerabilities for packages: ggshield, datadog-agent, kserve, superset...
Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6becf49ea70ecc24e313fe6cd9f7a232df9465f3417b14de0f0002fcc170ab42 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5943 Malicious code in @mastra/datadog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6becf49ea70ecc24e313fe6cd9f7a232df9465f3417b14de0f0002fcc170ab42 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
EUVD-2026-36762
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39196
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39197
An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...
CVE-2026-39196
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the seturiquery parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements...
CVE-2026-39197
An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service DoS via a crafted request or payload...
PT-2026-49302
Name of the Vulnerable Software and Affected Versions Vector versions prior to 0.55.0 Description The ClickHouse sink contains a SQL/identifier injection flaw. The software escaped the table identifier but interpolated the database value raw into the INSERT statement, allowing a crafted database...
GHSA-QP9X-WP8F-QGJJ vulnerabilities
Vulnerabilities for packages: datadog-agent...
GHSA-QP9X-WP8F-QGJJ vulnerabilities
Vulnerabilities for packages: datadog-agent, datadog-agent-fips...
CVE-2026-11362
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-11362
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...