Grafana Labs
Security Scorecard
Score
100A
Total CVEs
11
Patch Rate
91%
10 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical1
High2
Medium0
Low0
Patch Status
Patched10 (91%)
Partial/Workaround1 (9%)
Unpatched0 (0%)
CVEs (11)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2026-21720 | Grafana Avatar Image Crash | High | 7.5 | - | Patched |
| CVE-2026-21721 | Grafana Dashboard Permissions Bypass | High | 8.1 | - | Workaround |
| CVE-2026-0712 | Grafana OSS Open Redirect Vulnerability | N/A | - | - | Patched |
| CVE-2026-0713 | Grafana API Bypass | N/A | - | - | Patched |
| CVE-2026-22638 | Grafana XSS Vulnerability | N/A | - | - | Patched |
| CVE-2026-22639 | Grafana Alerting Exposure | N/A | - | - | Patched |
| CVE-2026-22640 | Grafana Server Admin Account Delete Bypass | N/A | - | - | Patched |
| CVE-2026-22641 | Grafana Data Source Proxy API Bypass Vulnerability | N/A | - | - | Patched |
| CVE-2026-22642 | Grafana OSS Organization Switching Vulnerability | N/A | - | - | Patched |
| CVE-2026-22643 | Grafana Unresponsive Dashboard Vulnerability | N/A | - | - | Patched |