{"vulnerability": "CVE-2024-8986", "sightings": [{"uuid": "01e84eb7-8a7e-4446-9358-71e07a7569c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8986", "type": "seen", "source": "https://t.me/cvedetector/6050", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8986 - Grafana Plugin SDK: Insecure Embedding of Credentials in Binaries\", \n  \"Content\": \"CVE ID : CVE-2024-8986 \nPublished : Sept. 19, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`.  \n   \nIf credentials are included in the repository URI (for instance, to allow for fetching of private dependencies), the final binary will contain the full URI, including said credentials. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-19T13:39:00.000000Z"}, {"uuid": "15cc639d-5dec-4b76-aedf-3241c1fead3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-8986", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14083", "content": "\u200aCVE-2024-8986 (CVSS 9.1): Critical Grafana Plugin SDK Flaw Exposes Sensitive Information\n\nhttps://securityonline.info/cve-2024-8986-cvss-9-1-critical-grafana-plugin-sdk-flaw-exposes-sensitive-information/", "creation_timestamp": "2024-09-23T10:55:29.000000Z"}]}