Critical Grafana SCIM Vulnerability Allows Privilege Escalation

Critical Grafana SCIM Vulnerability Allows Privilege Escalation

First seen 2 Dec 2025, 18:33 UTC GbhackersThehackernewsBleepingcomputerCsa.SgThecyberexpress+1 84% similarity 53.2

Article Content

Browse articles
ThreatCluster

Grafana Labs has issued critical patches for a severe vulnerability, CVE-2025-41115, affecting Grafana Enterprise versions 12.0.0 to 12.2.1. The flaw in the SCIM provisioning feature could enable attackers to escalate privileges or impersonate users if specific configurations are enabled. Organizations using affected versions are urged to update immediately.

ThreatCluster AI

Community

Browse all →