CVE-2026-22639

CVE-2026-22639 (rejected per initial description) concerns Grafana’s Alerting DingDing integration. Multiple connected sources describe an exposure where the integration could be accessed by users with Viewer permissions due to insufficient protection. Fixes are published in Grafana releases 10.4...

TencentOS Server 4: grafana (TSSA-2025:0596)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0596 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Grafana Alerting DingDing Integration URL Exposed to Viewers

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

Grafana Alerting VictorOps integration exposed to Viewers

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...

CVE-2022-42401

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...