Grafana

Grafana

90 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2026-0712

  • EPSS 0.05%
  • Veröffentlicht 15.01.2026 13:16:04
  • Zuletzt bearbeitet 22.01.2026 17:16:30

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

8.3

CVE-2026-22643

  • EPSS 0.08%
  • Veröffentlicht 15.01.2026 13:13:47
  • Zuletzt bearbeitet 22.01.2026 18:16:45

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

5

CVE-2026-22641

  • EPSS 0.03%
  • Veröffentlicht 15.01.2026 13:13:11
  • Zuletzt bearbeitet 22.01.2026 17:16:36

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

5.5

CVE-2026-22640

  • EPSS 0.06%
  • Veröffentlicht 15.01.2026 13:12:49
  • Zuletzt bearbeitet 22.01.2026 17:16:36

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

4.3

CVE-2026-22639

  • EPSS 0.04%
  • Veröffentlicht 15.01.2026 13:12:03
  • Zuletzt bearbeitet 22.01.2026 17:16:36

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

8.3

CVE-2026-22638

  • EPSS 0.04%
  • Veröffentlicht 15.01.2026 13:11:21
  • Zuletzt bearbeitet 22.01.2026 17:16:36

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

9.8

CVE-2025-41115

  • EPSS 0.04%
  • Veröffentlicht 21.11.2025 14:25:38
  • Zuletzt bearbeitet 08.01.2026 16:39:45

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is ...

4.2

CVE-2025-6197

  • EPSS 0.81%
  • Veröffentlicht 18.07.2025 07:48:22
  • Zuletzt bearbeitet 22.07.2025 13:06:27

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than ...

7.6

CVE-2025-6023

  • EPSS 4.06%
  • Veröffentlicht 18.07.2025 07:48:15
  • Zuletzt bearbeitet 22.07.2025 13:06:27

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS....

4.3

CVE-2025-3415

  • EPSS 0.33%
  • Veröffentlicht 17.07.2025 10:13:14
  • Zuletzt bearbeitet 17.07.2025 21:15:50

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-0...