In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power". Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
CSRF
Splunk
Splunk Cloud Platform
NVD
CVSS 3.1
3.5
EPSS
0.2%
SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.
Information Disclosure
Spicedb
NVD
GitHub
CVSS 3.1
2.4
EPSS
0.3%