Thehackernews
Critical Grafana SCIM Vulnerability Allows Privilege Escalation
First seen 2 Dec 2025, 18:33 UTC
•



+1
•84% similarity
•53.2
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Grafana Labs has issued critical patches for a severe vulnerability, CVE-2025-41115, affecting Grafana Enterprise versions 12.0.0 to 12.2.1. The flaw in the SCIM provisioning feature could enable attackers to escalate privileges or impersonate users if specific configurations are enabled. Organizations using affected versions are urged to update immediately.
ThreatCluster AI