Observability Self Hosted
Approved changes feed: RSS · Atom
cpe:2.3:a:solarwinds:observability_self-hosted:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Solarwinds (c393915a-764f-5773-8a18-db4a4d0f1496) |
|---|---|
| Product | Observability Self Hosted (8250dd17-0bed-5cf1-8b27-036769cf398a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-28298 |
vulnerable | 2026-06-03 15:18:08.288277 |
SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability
MEDIUM (5.9)
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Published: 2026-03-26T14:08:49.449Z
Updated: 2026-03-27T03:55:35.745Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28297 |
vulnerable | 2026-06-03 15:18:08.287848 |
SolarWinds Observability Self-Hosted Stored Cross-Site Scripting Vulnerability
MEDIUM (6.1)
SolarWinds Observability Self-Hosted was found to be affected by a stored cross-site scripting vulnerability, which when exploited, can lead to unintended script execution.
Published: 2026-03-26T14:01:37.526Z
Updated: 2026-03-27T03:55:35.217Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-40545 |
vulnerable | 2026-06-03 15:01:06.303328 |
SolarWinds Observability Self-Hosted Open Redirection Vulnerability
MEDIUM (4.8)
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required.
Published: 2025-11-18T08:55:52.919Z
Updated: 2025-11-18T21:42:35.078Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26397 |
vulnerable | 2026-06-03 14:59:58.890039 |
SolarWinds Observability Self-Hosted Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
HIGH (7.8)
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication from a low-level account and local access to the host server.
Published: 2025-07-24T07:57:53.475Z
Updated: 2025-07-24T13:16:37.075Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26395 |
vulnerable | 2026-06-03 14:59:58.887358 |
SolarWinds SWOSH DOM-based reflective XSS Vulnerability
HIGH (7.1)
SolarWinds Observability Self-Hosted
was susceptible to a cross-site scripting (XSS) vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required.
Published: 2025-06-10T14:41:10.422Z
Updated: 2025-06-10T15:02:30.679Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26394 |
vulnerable | 2026-06-03 14:59:58.886919 |
SolarWinds SWOSH Open Redirection Vulnerability
MEDIUM (4.8)
SolarWinds Observability Self-Hosted
is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required.
Published: 2025-06-10T14:39:37.576Z
Updated: 2025-06-10T15:00:20.452Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26392 |
vulnerable | 2026-06-03 14:59:58.884312 |
SolarWinds Observability Self-Hosted SQL Injection Vulnerability
MEDIUM (5.4)
SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerability that may display sensitive data using a low-level account. This vulnerability requires authentication from a low-privilege account.
Published: 2025-10-21T07:46:11.503Z
Updated: 2025-10-21T13:48:20.826Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26391 |
vulnerable | 2026-06-03 14:59:58.883932 |
SolarWinds Observability Self-Hosted XSS Vulnerability
MEDIUM (5.4)
SolarWinds Observability Self-Hosted XSS Vulnerability. The SolarWinds Platform was susceptible to a XSS vulnerability that affects user-created URL fields. This vulnerability requires authentication from a low-level account.
Published: 2025-11-18T08:53:01.036Z
Updated: 2025-11-18T21:02:45.370Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.