solarwinds observability_self-hosted CVE Vulnerabilities (8)

CVEs: 8 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting solarwinds observability_self-hosted (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 18 of 8 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-28298 SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. [email protected] 5.9 0.34% 2026-03-26 2026-06-17
CVE-2026-28297 SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution. [email protected] 6.1 0.37% 2026-03-26 2026-06-17
CVE-2025-40545 SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required. [email protected] 4.8 0.21% 2025-11-18 2026-06-17
CVE-2025-26391 SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account. [email protected] 5.4 0.40% 2025-11-18 2026-06-17
CVE-2025-26392 SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerability that may display sensitive data using a low-level account. This vulnerability requires authentication from a low-privilege account. [email protected] 5.4 0.21% 2025-10-21 2026-06-17
CVE-2025-26397 SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication from a low-level account and local access to the host server. [email protected] 7.8 0.26% 2025-07-24 2026-06-17
CVE-2025-26395 SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required. [email protected] 7.1 0.19% 2025-06-10 2026-06-17
CVE-2025-26394 SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required. [email protected] 4.8 0.17% 2025-06-10 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence