exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2026-21721

8 дней назад

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.

CVSS3: 8.1

EPSS: Низкий

CVE-2026-21721

8 дней назад

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.

CVSS3: 8.1

EPSS: Низкий

CVE-2026-21721

8 дней назад

The dashboard permissions API does not verify the target dashboard sco ...

CVSS3: 8.1

EPSS: Низкий

GHSA-jgfq-mgxg-4qwm

8 дней назад

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.

CVSS3: 8.1

EPSS: Низкий

BDU:2026-01120

9 дней назад

Уязвимость прикладного программного интерфейса платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии и получить несанкционированный доступ к защищаемой информации

CVSS3: 8.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-21721 The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.	CVSS3: 8.1	0% Низкий	8 дней назад
CVE-2026-21721 The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.	CVSS3: 8.1	0% Низкий	8 дней назад
CVE-2026-21721 The dashboard permissions API does not verify the target dashboard sco ...	CVSS3: 8.1	0% Низкий	8 дней назад
GHSA-jgfq-mgxg-4qwm The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.	CVSS3: 8.1	0% Низкий	8 дней назад
BDU:2026-01120 Уязвимость прикладного программного интерфейса платформы для мониторинга и наблюдения Grafana, позволяющая нарушителю повысить свои привилегии и получить несанкционированный доступ к защищаемой информации	CVSS3: 8.1	0% Низкий	9 дней назад

Уязвимостей на страницу