Lucene search
K

487 matches found

OSV
OSV
added last week5 views

CVE-2026-53730 DataEase: Unauthorized Access to Engine Database via previewSql Endpoint

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/datasetData/previewSql endpoint lacks the mandatory @DePermit permission validation annotation, allowing any authenticated user to specify datasourceId=-1, access the built-in engine database, execute...

8.7CVSS6.2AI score0.00235EPSS
Exploits0References4
OSV
OSV
added last week6 views

RLSA-2026:35831 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...

8.2CVSS6AI score0.00478EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-55223

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection match the getXXX form, so JavaBean...

6.3CVSS5.7AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:56 p.m.29 views

CVE-2026-55223 c3p0 exposes a deserialization "sink" via JDBC DataSource bean properties

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for deserialization gadgets. The JDBC spec's DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection match the getXXX form, so JavaBean...

6.3CVSS0.00284EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/30 5:26 p.m.3 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the POST /api/n9e/datasource/list route, which lacks proper authorization checks. An attacker can obtain sensitive credentials, such as database passwords, HTTP bearer tokens, and mTLS client keys, by sending...

7.1CVSS6AI score0.00238EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 5:16 p.m.11 views

CVE-2026-58167

Nightingale n9e before 9.0.0-beta.2 exposes full datasource configurations, including plaintext database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys, to any authenticated low-privilege Standard role user through POST /api/n9e/datasource/list. The route is...

7.1CVSS0.00238EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/30 3:51 p.m.35 views

CVE-2026-58167 Nightingale < 9.0.0-beta.2 - Datasource Credential Disclosure to Low-Privilege Users

Nightingale n9e before 9.0.0-beta.2 exposes full datasource configurations, including plaintext database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys, to any authenticated low-privilege Standard role user through POST /api/n9e/datasource/list. The route is...

7.1CVSS0.00238EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 3:51 p.m.13 views

CVE-2026-58167

Nightingale (n9e) prior to 9.0.0-beta.2 exposes full datasource configurations (plaintext DB passwords, HTTP Bearer tokens, HTTP Basic passwords, and mTLS keys) via POST /api/n9e/datasource/list to any authenticated low-privilege user. The route lacks an admin gate and the DatasourceFilter does n...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 3:51 p.m.8 views

EUVD-2026-40374

Nightingale n9e before 9.0.0-beta.2 exposes full datasource configurations, including plaintext database passwords, HTTP bearer tokens, HTTP basic-auth passwords, and mTLS client keys, to any authenticated low-privilege Standard role user through POST /api/n9e/datasource/list. The route is...

7.1CVSS5.8AI score0.00238EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54435

Name of the Vulnerable Software and Affected Versions c3p0 versions prior to 0.14.0 Description c3p0, a JDBC Connection pooling library, can act as a sink for deserialization gadgets when used with other libraries. The DataSource.getConnection and ConnectionPoolDataSource.getPooledConnection...

6.3CVSS5.8AI score0.00284EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/26 8:41 p.m.26 views

CVE-2026-50137 Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials

Budibase is an open-source low-code platform. Prior to 3.39.0, an anonymous attacker who knows or can enumerate a workspace id app... and an S3-source datasource id ds... can call this endpoint with no auth and obtain a 15-minute pre-signed PUT URL minted on the victim's IAM identity. The endpoin...

8.2CVSS0.00415EPSS
Exploits1References1
CVE
CVE
added 2026/06/26 8:41 p.m.31 views

CVE-2026-50137

Budibase prior to 3.39.0 is affected by CVE-2026-50137: unauthenticated POST /api/attachments/:datasourceId/url allows anonymous callers to mint 15-minute AWS S3 pre-signed PUT URLs using the datasource’s IAM credentials, with the bucket not pinned to the datasource. The attack discloses the targ...

9.4CVSS5.8AI score0.00415EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:36 p.m.26 views

CVE-2026-50136 Budibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentials

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS0.0029EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:36 p.m.7 views

CVE-2026-50136

Budibase is an open-source low-code platform. Prior to 3.39.3, the application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require...

7.4CVSS5.8AI score0.0029EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2026/06/25 5:21 a.m.10 views

Improper Authorization

Apache DolphinScheduler is vulnerable to Improper Authorization. The vulnerability is due to a missing authorization check in the DataSource API, where requests are not properly validated before returning data source metadata, allowing unauthorized users to disclose sensitive data source...

9.8CVSS5.7AI score0.0039EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/22 11:19 p.m.5 views

GHSA-35C4-RVC8-FRHM Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials

Summary The Budibase server route POST /api/attachments/:datasourceId/url packages/server/src/api/routes/static.ts is registered with only the recaptcha middleware. There is no authorized... middleware in the chain. The controller...

9.4CVSS6AI score0.00415EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/22 11:19 p.m.9 views

Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials

Summary The Budibase server route POST /api/attachments/:datasourceId/url packages/server/src/api/routes/static.ts is registered with only the recaptcha middleware. There is no authorized... middleware in the chain. The controller...

9.4CVSS6AI score0.00415EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/22 11:15 p.m.19 views

Budibase: Unauthenticated S3 signed upload URL generation allows arbitrary writes with stored datasource credentials

The application server exposes an unauthenticated endpoint that generates S3 PutObject presigned URLs using credentials stored in a workspace datasource. The route is protected only by the recaptcha middleware and does not require authentication, table permission, datasource permission, or builde...

7.4CVSS6AI score0.0029EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/06/22 11:15 p.m.5 views

Missing Authorization

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Missing Authorization via the getSignedUploadURL process. An attacker can perform unauthorized arbitrary object uploads to S3 buckets by sending crafted requests to the unauthenticated endpoint,...

7.4CVSS5.9AI score0.0029EPSS
Exploits1References2
NVD
NVD
added 2026/06/22 2:16 p.m.13 views

CVE-2026-28381

The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host...

9.6CVSS0.00205EPSS
Exploits0References1
Rows per page
Query Builder