PT-2026-40785 · Grafana · Grafana

CVE-2026-28380

·

Published

2026-05-13

·

Updated

2026-07-06

CVSS v2.0

6.8

Medium

VectorAV:N/AC:L/Au:S/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description An issue exists where any user with Editor permissions can delete any snapshot, regardless of whether they have the necessary read or write access to those snapshots.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07039
BIT-GRAFANA-2026-28380
CVE-2026-28380
OPENSUSE-SU-2026:10932-1
OPENSUSE-SU-2026:20940-1
SUSE-SU-2026:2768-1
SUSE-SU-2026:2774-1

Affected Products

Grafana