Filter and search through 392,598 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-22644 | Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and... | 5.3 | 132 | Neutral | No |
| No |
| CVE-2026-22643 | In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vul... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22642 | An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple org... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22641 | This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Us... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22640 | An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator ac... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22639 | Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22638 | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to r... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22637 | The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22636 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22635 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22634 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22633 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22632 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22631 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22630 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22612 | #Fickling's assessment Fickling started emitting AST nodes for builtins imports in order to match them during analysis (https://github.com/trailofbit... | 7.8 | 560 | Neutral | No | Yes |
| CVE-2026-22611 | ### Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to t... | 3.7 | 188 | Neutral | No | Yes |
| CVE-2026-22610 | A Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. The vulnerability exists because Angular’s internal s... | 0.0 | 0 | Neutral | Yes | Yes |
| CVE-2026-22609 | #Fickling's assessment `ctypes`, `importlib`, `runpy`, `code` and `multiprocessing` were added the list of unsafe imports (https://github.com/trailof... | 7.8 | 560 | Neutral | No | Yes |
| CVE-2026-22608 | # Fickling's assessment `pydoc` and `ctypes` were added to the list of unsafe imports (https://github.com/trailofbits/fickling/commit/b793563e60a5e03... | 7.8 | 560 | Neutral | No | Yes |