In Grafana versions 11.5.0 and later a medium severity vulnerability CVE-2025-6197 was detected. This vulnerability allows attackers to perform open redirects during organization switching when multiple organizations exist and the victim belongs to a different organization than the one specified in the URL. To address this issue users should upgrade Grafana to versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 or 11.3.8+security-01. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6197.
Read more Data AnalyticsIn Grafana versions from 11.5.0 a high severity vulnerability CVE-2025-6023 was detected. This vulnerability allows attackers to exploit an open redirect that can be chained with path traversal issues to perform cross-site scripting (XSS) attacks. To address this issue, users should upgrade Grafana to versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 or 11.3.8+security-01. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6023.
Read more Data AnalyticsIn Oracle MySQL Client versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5 and 9.0.0 through 9.3.0 a low severity vulnerability CVE-2025-50081 was detected in the mysqldump component. This vulnerability allows high-privileged attackers with network access and requiring user interaction to perform unauthorized updates, inserts, deletes, or read access to MySQL Client-accessible data. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-50081.
Read more DatabaseIn Oracle MySQL Server versions 8.0.0 through 8.0.42 a medium severity vulnerability CVE-2025-53023 was detected in the Replication component. This vulnerability allows high-privileged attackers with network access to cause a hang or repeatable crash of the MySQL Server, resulting in denial-of-service (DoS). Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-53023.
Read more DatabaseIn Oracle MySQL Server versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5 and 9.0.0 through 9.3.0 a medium severity vulnerability CVE-2025-50087 was detected in the Optimizer component. This vulnerability allows high-privileged attackers with network access to create, delete, or modify critical data without authorization. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-50087.
Read more DatabaseIn SQLite versions prior to 3.50.2 a high severity vulnerability CVE-2025-6965 was detected. This vulnerability, caused by integer truncation when the number of aggregate terms exceeds the number of available columns, may lead to memory corruption. To address this issue, users should upgrade SQLite to versions 3.50.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6965.
Read more DatabaseIn MongoDB Server versions prior to 8.0.10 a medium severity vulnerability CVE-2025-6712 was detected. This vulnerability allows attackers to cause the MongoDB server to crash by triggering excessive memory usage. To fix this issue users should upgrade MongoDB to version 8.0.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6712.
Read more DatabaseIn MongoDB Server versions prior to 8.0.5 (8.0 series), 7.0.18 (7.0 series), and 6.0.21 (6.0 series) a medium severity vulnerability CVE-2025-6711 was detected. This vulnerability allows attackers to access sensitive query data that may be unintentionally logged by the MongoDB server. To fix this issue users should upgrade MongoDB to versions 8.0.5, 7.0.18, 6.0.21, and 8.1.0-rc0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-6711.
Read more DatabaseIn Redis versions prior to 8.0.3, 7.4.5, 7.2.10, and 6.2.19 a medium severity vulnerability CVE-2025-48367 was detected. This vulnerability allows attackers to cause a denial of service by sending malformed connection requests that disrupt Redis server operation. To fix this issue users should upgrade Redis to versions 8.0.3, 7.4.5, 7.2.10, and 6.2.19. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-48367.
Read more Database