Vulnerabilities
Vulnerable Software
Security Vulnerabilities
A user with Editor permissions can craft a dashboard whose table (TableNG) panel contains a malicious field name that executes as a script in the browser of any user who views the dashboard (stored cross-site scripting).
CVSS Score
6.8
EPSS Score
0.002
Published
2026-07-10
An unauthenticated attacker can repeatedly call Grafana's OAuth login route with unique values, causing unbounded memory growth that can eventually exhaust memory and crash the Grafana instance (denial of service).
CVSS Score
5.3
EPSS Score
0.004
Published
2026-07-10
Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory allocation, potentially exhausting memory and causing a denial of service.
CVSS Score
7.5
EPSS Score
0.004
Published
2026-07-10
In JetBrains YouTrack before 2026.2.17394 stored XSS via article titles in digest emails was possible
CVSS Score
3.5
EPSS Score
0.004
Published
2026-07-10
In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible
CVSS Score
3.5
EPSS Score
0.001
Published
2026-07-10
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible
CVSS Score
9.6
EPSS Score
0.004
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
CVSS Score
8.8
EPSS Score
0.003
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 stored XSS on the cloud profile page was possible via agent-reported data
CVSS Score
7.3
EPSS Score
0.002
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 stored XSS via unauthenticated agent registration was possible
CVSS Score
8.1
EPSS Score
0.002
Published
2026-07-10
In JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checks
CVSS Score
8.1
EPSS Score
0.002
Published
2026-07-10


Contact Us

Shodan ® - All rights reserved