Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61 matches found

Tenable Nessus
Tenable Nessusadded 6 days ago10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before...

7.3CVSS5.9AI score0.00296EPSS
Exploits0References2
NVD
NVDadded last week10 views

CVE-2026-9029

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS0.00296EPSS
Exploits0References1
OSV
OSVadded last week2 views

UBUNTU-CVE-2026-9029

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.9AI score0.00296EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded last week4 views

CVE-2026-9029

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.9AI score0.00296EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded last week31 views

CVE-2026-9029 Stored XSS via Geomap Panel Template Variable Attribution Injection

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS0.00296EPSS
Exploits0References1
EUVD
EUVDadded last week6 views

EUVD-2026-38243

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS6.7AI score0.1546EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded last week8 views

CVE-2026-9029 Stored XSS via Geomap Panel Template Variable Attribution Injection

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.9AI score0.00296EPSS
Exploits0References1
AlpineLinux
AlpineLinuxadded last week6 views

CVE-2026-9029

The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent runs on the raw template string before getTemplateSrv.replace substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to OpenLayers via...

7.3CVSS5.9AI score0.00296EPSS
Exploits0
CVE
CVEadded last week69 views

CVE-2026-9029

CVE-2026-9029 affects Grafana’s Geomap panel (XYZ tile layer) where sanitizeTextPanelContent() runs on the raw template string before variable substitution via getTemplateSrv().replace(), allowing an Editor to inject an XSS payload into a textbox variable default value that executes for all dashb...

7.3CVSS5.9AI score0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/06/22 12:0 a.m.12 views

PT-2026-51321

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A sanitize-then-interpolate ordering bug exists in the geomap panel's XYZ tile layer. The sanitizeTextPanelContent function processes the raw template string...

7.3CVSS5.7AI score0.00296EPSS
Exploits0References7
AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Zabbix

Currently, the geomap configuration Administration - General - Geographical maps allows the use of HTML in the “Attribution text” field when the “Other” Tile provider is selected...

5.5CVSS5.6AI score0.62046EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/05/27 4:17 a.m.2 views

SUSE CVE-2023-29452

Currently, geomap configuration Administration - General - Geographical maps allows using HTML in the field “Attribution text” when selected “Other” Tile provider...

5.5CVSS6AI score0.62046EPSS
Exploits0References3
OSV
OSVadded 2025/10/31 2:11 p.m.4 views

OESA-2025-2550 grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS...

7.3CVSS6.5AI score0.00779EPSS
Exploits0References2
OSV
OSVadded 2025/10/31 2:11 p.m.3 views

OESA-2025-2549 grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS...

7.3CVSS6.5AI score0.00779EPSS
Exploits0References2
OSV
OSVadded 2025/10/31 2:11 p.m.2 views

OESA-2025-2548 grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS...

7.3CVSS6.5AI score0.00779EPSS
Exploits0References2
OSV
OSVadded 2025/10/31 2:11 p.m.3 views

OESA-2025-2547 grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS...

7.3CVSS6.5AI score0.00779EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2010-0378

Malware in sbrugna...

4.3CVSS6.4AI score0.00862EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-33021

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.62046EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2022-28569

Malicious code in bioql PyPI...

7.3CVSS7.4AI score0.00779EPSS
Exploits0References6
AlpineLinux
AlpineLinuxadded 2023/07/13 10:15 a.m.1 views

CVE-2023-29452

Currently, geomap configuration Administration - General - Geographical maps allows using HTML in the field “Attribution text” when selected “Other” Tile provider...

5.5CVSS7.1AI score0.62046EPSS
Exploits0
Rows per page
Query Builder