Filter and search through 392,393 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-22688 | ### Vulnerability **Description** --- **Vulnerability Overview** This issue is a command injection vulnerability (CWE-78) that allows authenticate... | 8.8 | 708 | Neutral | No |
| Yes |
| CVE-2026-22687 | ### Summary After WeKnora enables the Agent service, it allows users to call the database query tool. Due to insufficient backend validation, an attac... | 9.8 | 717 | Neutral | No | Yes |
| CVE-2026-22686 | A critical sandbox escape vulnerability exists in **enclave-vm** (affected: **< 2.6.0**, patched: **2.7.0**) that can allow untrusted, sandboxed JavaS... | 10.0 | 856 | Neutral | Yes | Yes |
| CVE-2026-22685 | DevToys is a desktop app for developers. In versions from 2.0.0.0 to before 2.0.9.0, a path traversal vulnerability exists in the DevToys extension in... | 8.8 | 553 | Neutral | No | No |
| CVE-2026-22646 | Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with va... | 4.3 | 128 | Neutral | No | No |
| CVE-2026-22645 | The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target ... | 5.3 | 196 | Neutral | No | No |
| CVE-2026-22644 | Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and... | 5.3 | 132 | Neutral | No | No |
| CVE-2026-22643 | In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vul... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22642 | An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple org... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22641 | This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22640 | An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator ac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22639 | Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22638 | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to r... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22637 | The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22636 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22635 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22634 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22633 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22632 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22631 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |