CVE-2026-25887

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via the MongoDB dataset Query. This issue has been patched in version 4.8.1...

CVE-2026-25887

Chartbrew is affected prior to version 4.8.1 with a remote code execution vulnerability via the MongoDB dataset Query. The issue, classified as CVSS 3.1 Base Score 7.2 (HIGH), has been patched in version 4.8.1. Affected: Chartbrew

CVE-2026-25887 Chartbrew: Remote Code Execution (RCE) via MongoDB Dataset Query

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via the MongoDB dataset Query. This issue has been patched in version 4.8.1...

CVE-2026-25887 Chartbrew: Remote Code Execution (RCE) via MongoDB Dataset Query

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via the MongoDB dataset Query. This issue has been patched in version 4.8.1...

CVE-2026-25887 Chartbrew: Remote Code Execution (RCE) via MongoDB Dataset Query

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via the MongoDB dataset Query. This issue has been patched in version 4.8.1...

PT-2026-23636

Name of the Vulnerable Software and Affected Versions Chartbrew versions prior to 4.8.1 Description Chartbrew is a web application that connects to databases and APIs to create charts. Versions of the software prior to 4.8.1 contain a remote code execution issue stemming from the MongoDB dataset...

EUVD-2026-8476

An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...

CVE-2026-23982 Apache Superset: Improper Authorization in Dataset Creation Allows Access Control Bypass

An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...

PT-2026-21680

Name of the Vulnerable Software and Affected Versions Apache Superset versions prior to 6.0.0 Description An improper authorization issue exists in Apache Superset that allows a low-privileged user to bypass data access controls. Specifically, an authenticated attacker with permissions to write...

Fortinet FortiAnalyzer 输入验证错误漏洞

Fortinet FortiAnalyzer is a set of centralized network security reporting solutions from the U.S. company Fiat Fortinet. The product is mainly used to collect network log data, and through the reporting suite of security events in the log, network traffic, Web content, etc. to analyze, report,...