Critical Grafana SCIM Vulnerability Allows Privilege Escalation

Critical Grafana SCIM Vulnerability Allows Privilege Escalation

First seen 21 Nov 2025, 18:21 UTC GbhackersThehackernewsBleepingcomputerCsa.SgThecyberexpress+1 85% similarity 52.9

Article Content

Browse articles
ThreatCluster

Grafana Labs has issued critical patches for a severe vulnerability (CVE-2025-41115) in its SCIM provisioning feature, which could enable attackers to escalate privileges or impersonate users. The flaw affects Grafana Enterprise versions 12.0.0 through 12.2.1 when specific configurations are enabled. Organizations are urged to update immediately to mitigate risks associated with this critical vulnerability.

ThreatCluster AI

Community

Browse all →