VYPR

Monitoring And Management

by Percona

CVEs (4)

  • CVE-2026-25212CriApr 2, 2026
    risk 0.64cvss 9.9epss 0.00

    An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying…

  • CVE-2024-5466Aug 23, 2024
    risk 0.02cvss epss 0.07

    Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.

  • CVE-2023-34409Jun 6, 2023
    risk 0.00cvss epss 0.01

    In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made…

  • CVE-2020-7920Feb 6, 2020
    risk 0.00cvss epss 0.02

    pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of service.