Observability Self Hosted

observability_self-hosted

Vendor: Solarwinds • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-28298 1Solarwinds 1Observability Self Hosted Mar 31, 2026 Mar 26, 2026 N/A· v4 8.1 HIGH· v3 N/A· v2 SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
CVE-2026-28297 1Solarwinds 1Observability Self Hosted Mar 31, 2026 Mar 26, 2026 N/A· v4 8.7 HIGH· v3 N/A· v2 SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
CVE-2025-40545 1Solarwinds 1Observability Self Hosted Nov 24, 2025 Nov 18, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack...Show more SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required.Show less
CVE-2025-26391 1Solarwinds 1Observability Self Hosted Nov 24, 2025 Nov 18, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level acc...Show more SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account.Show less
CVE-2025-26392 1Solarwinds 1Observability Self Hosted Nov 12, 2025 Oct 21, 2025 N/A· v4 4.6 MEDIUM· v3 N/A· v2 SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerability that may display sensitive data using a low-level account. This vulnerability requires authentication from a low-privilege account.
CVE-2025-26397 1Solarwinds 1Observability Self Hosted Nov 12, 2025 Jul 24, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to...Show more SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication from a low-level account and local access to the host server.Show less
CVE-2025-26395 1Solarwinds 1Observability Self Hosted Nov 12, 2025 Jun 10, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and use...Show more SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required.Show less
CVE-2025-26394 1Solarwinds 1Observability Self Hosted Nov 12, 2025 Jun 10, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attac...Show more SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required.Show less