CVE-2026-21722: Vulnerability in Grafana grafana/grafana
Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard.
CVE-2026-21722: Vulnerability in Grafana grafana/grafana
Description
Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GRAFANA
- Date Reserved
- 2026-01-05T09:26:06.214Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 698d9b14c9e1ff5ad8b1f9ef
Added to database: 2/12/2026, 9:19:16 AM
Last updated: 2/12/2026, 9:19:18 AM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-41117: Vulnerability in Grafana grafana/grafana
MediumCVE-2025-15577: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Valmet Valmet DNA Web Tools
HighExposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
MediumFirst Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
MediumCVE-2024-26480: n/a
HighActions
External Links
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.