Lucene search
+L

378 matches found

EUVD
EUVD
added 2026/04/02 6:31 p.m.4 views

EUVD-2026-18364

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

9.9CVSS6AI score0.00289EPSS
Exploits1References3
NVD
NVD
added 2026/04/02 5:16 p.m.6 views

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

9.9CVSS0.00289EPSS
Exploits1References2
CVE
CVE
added 2026/04/02 12:0 a.m.22 views

CVE-2026-25212

Percona PMM prior to 3.7 is affected. An internal database user with superuser privileges can leverage the pmm-admin authenticated Add data source flow to break out of the database context and run shell commands on the underlying OS. This is evidenced in multiple sources (e.g., Percona release no...

9.9CVSS6AI score0.00289EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/02 12:0 a.m.3 views

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

9.9CVSS6AI score0.00289EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29794

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

9.9CVSS6AI score0.00289EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/02 12:0 a.m.3 views

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

6AI score0.00289EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.8 views

Percona PMM 安全漏洞

Percona PMM is a database monitoring and performance analysis platform developed by Percona, Inc. Versions of Percona PMM prior to version 3.7 contained security vulnerabilities. These vulnerabilities stemmed from internal database users retaining superuser privileges, which could allow attackers...

9.9CVSS5.9AI score0.00289EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/02 12:0 a.m.16 views

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

0.00289EPSS
Exploits1References2
OSV
OSV
added 2026/04/02 12:0 a.m.3 views

CVE-2026-25212

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system...

9.9CVSS6AI score0.00289EPSS
Exploits1References4
OSV
OSV
added 2026/04/01 9:13 a.m.4 views

CLEANSTART-2026-AC65885 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25518, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.18.0-r0, 1.18.0-r1, 1.18.0-r2, 1.18.0-r3

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS6.9AI score0.00765EPSS
Exploits2References25
Chainguard
Chainguard
added 2026/02/20 1:17 a.m.22 views

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: spire-server-fips, ratify, apko, cerbos, tailscale, temporal-server, beats, step-kms-plugin-fips, sqlexporter, terragrunt, gitea-fips, mariadb-operator, sops, sqlexporter-fips, elastic-agent-fips, fulcio-fips, jitsucom-bulker, argo-workflows-fips, rekor, cg,...

6.1AI score
Exploits0
OSV
OSV
added 2026/02/06 12:39 a.m.7 views

CLEANSTART-2026-JN44153 Security fixes for GHSA-F6X5-JH6R-WRFV, GHSA-GX3X-VQ4P-MHHV, GHSA-J5W8-Q4QC-RX2X applied in versions: 1.18.0-r0, 1.19.0-r1

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

5.9AI score
Exploits0References4
Chainguard
Chainguard
added 2026/02/04 7:17 p.m.10 views

CVE-2026-25518 vulnerabilities

Vulnerabilities for packages: cert-manager-webhook-pdns, percona-server-mongodb-operator, step-issuer, percona-xtradb-cluster-operator, aws-privateca-issuer, cert-manager-istio-csr, opentelemetry-operator-fips, percona-xtradb-cluster-operator-fips, mariadb-operator, aws-privateca-issuer-fips,...

5.9CVSS6.1AI score0.00349EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/04 1:48 p.m.7 views

CVE-2026-25518 vulnerabilities

Vulnerabilities for packages: mariadb-operator, cert-manager-csi-driver, opentelemetry-operator, step-issuer, cert-manager-webhook-pdns, aws-privateca-issuer, cert-manager-cmctl, cert-manager-istio-csr, percona-server-mongodb-operator...

5.9CVSS6.1AI score0.00349EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/03 7:48 p.m.5 views

GHSA-GX3X-VQ4P-MHHV vulnerabilities

Vulnerabilities for packages: mariadb-operator, cert-manager-csi-driver, opentelemetry-operator, step-issuer, cert-manager-webhook-pdns, aws-privateca-issuer, cert-manager-cmctl, cert-manager-istio-csr, percona-server-mongodb-operator...

6.1AI score
Exploits0
Chainguard
Chainguard
added 2026/02/03 7:17 p.m.6 views

GHSA-GX3X-VQ4P-MHHV vulnerabilities

Vulnerabilities for packages: cert-manager-webhook-pdns, percona-server-mongodb-operator, step-issuer, percona-xtradb-cluster-operator, aws-privateca-issuer, cert-manager-istio-csr, opentelemetry-operator-fips, percona-xtradb-cluster-operator-fips, mariadb-operator, aws-privateca-issuer-fips,...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.10 views

CVE-2020-7920

pmm-server in Percona Monitoring and Management PMM 2.2.x before 2.2.1 allows unauthenticated denial of service...

7.8CVSS7AI score0.02097EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.7 views

CVE-2019-12301

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset the root password to a blank value upon an upgrade. This was fixed in 5.6.44-85.0-2...

10CVSS7.1AI score0.0197EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.7 views

CVE-2021-27928 vulnerabilities

Vulnerabilities for packages: percona-server...

9CVSS9.3AI score0.38179EPSS
Exploits9
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

GHSA-Q88M-4HG8-4H3H vulnerabilities

Vulnerabilities for packages: percona-server...

7AI score
Exploits0
Rows per page
Query Builder