CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/03/06 3:4 p.m.•23 views

CVE-2026-2752

5.3CVSS0.00043EPSS

CVE•added 2026/03/06 3:4 p.m.•3 views

CVE-2026-2752

CVE-2026-2752 affects Navtor NavBox via the /api/ais-data endpoint, where a remote unauthenticated attacker can trigger an unhandled exception, causing verbose .NET stack traces to be returned. This information disclosure exposes internal class names, methods, and third‑party library references (...

ATTACKERKB•added 2026/03/06 3:4 p.m.•1 views

CVE-2026-2752

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/06 3:4 p.m.•0 views

CVE-2026-2752

Positive Technologies•added 2026/03/06 12:0 a.m.•1 views

PT-2026-23716

CNNVD•added 2026/02/14 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of recursive protection in the kernel stack trace records. This vulnerability could lead t...

5.5CVSS5.8AI score0.00021EPSS

SUSE CVE•added 2026/02/13 12:30 a.m.•1 views

SUSE CVE-2025-41117

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

NVD•added 2026/02/12 9:16 a.m.•3 views

Exploits0References3

CVE-2025-41117

6.8CVSS0.00017EPSS

OSV•added 2026/02/12 9:16 a.m.•0 views

CVE-2025-41117

6.1CVSS5.5AI score0.00017EPSS

OSV•added 2026/02/12 9:16 a.m.•0 views

UBUNTU-CVE-2025-41117

ATTACKERKB•added 2026/02/12 8:49 a.m.•5 views

Exploits0References3

CVE-2025-41117

Exploits0References3Affected Software2

CVE•added 2026/02/12 8:49 a.m.•14 views

CVE-2025-41117

CVE-2025-41117 describes an XSS in Grafana’s Explore Traces view where stack traces can be rendered as raw HTML, enabling malicious JavaScript in the browser. The issue affects only datasources using the Jaeger HTTP API; Jaeger gRPC and Tempo are not affected. The connected OSV/NVD/Red Hat/SUSE e...

Exploits0References1Affected Software1

Cvelist•added 2026/02/12 8:49 a.m.•23 views

CVE-2025-41117 XSS in Grafana Explore stack trace

6.8CVSS0.00017EPSS

Vulnrichment•added 2026/02/12 8:49 a.m.•4 views

CVE-2025-41117 XSS in Grafana Explore stack trace

AlpineLinux•added 2026/02/12 8:49 a.m.•1 views

CVE-2025-41117

FreeBSD•added 2026/02/12 12:0 a.m.•3 views

Grafana -- XSS in Grafana Explore stack trace

https://grafana.com/security/security-advisories/cve-2025-41117 reports: Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasourc...

CNNVD•added 2026/02/12 12:0 a.m.•2 views

Grafana 安全漏洞

Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing Graphite, InfluxDB, and Prometheus. Grafana has a security vulnerability, where stack traces in the Explore Trac...

Grafana•added 2026/02/12 12:0 a.m.•5 views

XSS in Grafana Explore stack trace

Stack traces in Grafana’s Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

Snyk•added 2026/02/09 12:30 p.m.•1 views

Exploits0

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the Import Errors view. An authenticated attacker can access sensitive information, such as file paths, code snippets, or stack traces related to DAGs they are not authorized to access. Remediation Upgrade...

7.1CVSS5.7AI score0.00014EPSS