Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • 2025 OSS Research
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • 2025 OSS Research
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Data Management and Analytics

Data Management and Analytics

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    2 Jul 2025 Data Management and Analytics
    Apache Cassandra: Improper Authorization

    In Apache Cassandra versions 4.0.0 through 4.0.15, 4.1.0 through 4.1.7, and 5.0.0 through 5.0.2
    a high severity vulnerability CVE-2025-24860 was detected. This vulnerability allows users to access unauthorized datacenters or IP/CIDR groups and modify their own permissions via DCL statements. To fix this issue, users should upgrade to versions 4.0.16, 4.1.8, or 5.0.3. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-24860.

    Read more
    Database
    1 Jul 2025 Data Management and Analytics
    MongoDB: Use-After-Free Vulnerability

    In MongoDB Server versions 6.0 prior to 6.0.21, 7.0 prior to 7.0.17, and 8.0 prior to 8.0.4 a high severity vulnerability CVE-2025-6706 was detected. This vulnerability allows authenticated users to trigger a use-after-free condition that may result in a MongoDB Server crash and other unexpected behavior, even without authorization to shut down the server. To address this issue users must upgrade to versions 6.0.21, 7.0.17, or 8.0.4 respectively. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6706.

    Read more
    Database
    30 Jun 2025 Data Management and Analytics
    MongoDB: DoS Vulnerability via Malicious JSON in OIDC Authentication

    In MongoDB Server versions prior to 7.0.17, 8.0.5 and 6.0.21 a high severity vulnerability CVE-2025-6709 was detected. This vulnerability allows attackers to trigger a denial of service by submitting specially crafted JSON input containing specific date values when using OIDC authentication. To address this issue, users should upgrade MongoDB Server to versions 7.0.17, 8.0.5 or 6.0.21. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6709.

    Read more
    Database
    30 Jun 2025 Data Management and Analytics
    MongoDB: JSON Parsing Stack Overflow Vulnerability

    In MongoDB Server versions prior to 7.0.17, 8.0.5 and 6.0.21 a high severity vulnerability CVE-2025-6710 was detected. This vulnerability allows attackers to trigger a stack overflow by sending specially crafted JSON inputs that induce deep recursion during parsing, leading to server crashes. To address this issue, users should upgrade MongoDB Server to versions 7.0.17, 8.0.5 or 6.0.21. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6710.

    Read more
    Database
    30 Jun 2025 Data Management and Analytics
    MongoDB: Stale Privilege Execution Vulnerability

    In MongoDB Server versions prior to 5.0.31, 6.0.24, 7.0.21 and 8.0.5 a medium severity vulnerability CVE-2025-6707 was detected. This vulnerability allows authenticated users to execute requests with stale privileges under certain conditions, even after an authorized administrator has modified their access rights. To address this issue, users should upgrade MongoDB Server to versions 5.0.31, 6.0.24, 7.0.21 or 8.0.5. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6707.

    Read more
    Database
    26 Jun 2025 Data Management and Analytics
    Kibana: Open Redirect and SSRF Vulnerability

    In Kibana versions up to and including 7.17.28, 8.0.0 up to and including 8.17.7, 8.18.0 up to and including 8.18.2 and 9.0.0 up to and including 9.0.2 a medium severity vulnerability CVE-2025-25012 was detected. This vulnerability allows attackers to redirect users to untrusted sites and potentially perform server-side request forgery (SSRF) via specially crafted URLs. To address this issue, users should upgrade Kibana to versions 7.17.29, 8.17.8, 8.18.3 or 9.0.3. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-25012.

    Read more
    Data Analytics
    25 Jun 2025 Data Management and Analytics
    MLflow: gateway_proxy_handler Path Validation Vulnerability

    In MLflow versions prior to 3.1.0 a medium severity vulnerability CVE-2025-52967 was detected. This vulnerability is caused by the lack of `gateway_path` validation in the `gateway_proxy_handler`, which may allow attackers to manipulate request routing or access unintended resources. To address this issue, users should upgrade MLflow to versions 3.1.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-52967.

    Read more
    Data Analytics
    24 Jun 2025 Data Management and Analytics
    ClickHouse: Executable Table Privilege Escalation Vulnerability

    In ClickHouse versions 25.7.1.557 a low severity vulnerability CVE-2025-52969 was detected. This vulnerability allows low-privileged users to execute shell commands by querying existing Executable() tables created by higher-privileged users and, if they can influence the script path used by the table engine, potentially escalate privileges and execute unauthorized code in the context of the ClickHouse server. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-52969.

    Read more
    Data Analytics
    18 Jun 2025 Data Management and Analytics
    Grafana: Improper Input Validation Vulnerability in Leading to Browser Unresponsiveness

    In Grafana versions before 11.6.2 a low severity vulnerability CVE-2025-1088 was detected. This vulnerability allows excessively long dashboard titles or panel names to cause Chromium-based browsers to become unresponsive due to improper input validation. To address this issue, users should upgrade Grafana to versions 11.6.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-1088.

    Read more
    Data Analytics
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy