Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

openobserve — Vulnerabilities & Security Advisories 8

All 8 CVE vulnerabilities found in openobserve, with AI-generated Chinese analysis, references, and POCs.

Vendor: openobserve

CVE IDTitleCVSSSeverityPublished
CVE-2026-39361 OpenObserve has a SSRF Protection Bypass via IPv6 Bracket Notation in validate_enrichment_url CWE-918 7.7 High2026-04-07
CVE-2025-66223 OpenObserve's Invite Token Lifecycle Misconfiguration CWE-613 9.8 -2025-11-29
CVE-2025-64744 OpenObserve Vulnerable to HTML Injection in Organization Invitation Emails CWE-79 3.5 Low2025-11-13
CVE-2024-55954 OpenObserve Improper Authorization Allows Admin User to Remove Root User CWE-269 8.7 High2025-01-16
CVE-2024-41809 OpenObserve Cross-site Scripting (XSS) vulnerability in `openobserve/web/src/views/MemberSubscription.vue` CWE-79 7.2 High2024-07-25
CVE-2024-41808 OpenObserve stored XSS vulnerability may lead to complete account takeover CWE-79 8.8 High2024-07-25
CVE-2024-24830 OpenObserve Privilege Escalation Vulnerability in Users API CWE-269 10.0 Critical2024-02-08
CVE-2024-25106 OpenObserve Unauthorized Access Vulnerability in Users API CWE-284 9.1 Critical2024-02-08

All 8 known CVE vulnerabilities affecting openobserve with full Chinese analysis, references, and POCs where available.