Filter and search through 392,438 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-22646 | Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with va... | 4.3 | 128 | Neutral | No |
| No |
| CVE-2026-22645 | The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target ... | 5.3 | 196 | Neutral | No | No |
| CVE-2026-22644 | Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and... | 5.3 | 132 | Neutral | No | No |
| CVE-2026-22643 | In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vul... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22642 | An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple org... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22641 | This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22640 | An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator ac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22639 | Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22638 | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to r... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22637 | The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22636 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22635 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22634 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22633 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22632 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22631 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22630 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22612 | #Fickling's assessment Fickling started emitting AST nodes for builtins imports in order to match them during analysis (https://github.com/trailofbit... | 7.8 | 560 | Neutral | No | Yes |
| CVE-2026-22611 | ### Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to t... | 3.7 | 188 | Neutral | No | Yes |
| CVE-2026-22610 | A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal s... | 0.0 | 0 | Neutral | Yes | Yes |