Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Grafana Incorrect Authorization Vulnerability - CVE-2026-21721 - Vulnerability Database
Grafana

Grafana Incorrect Authorization Vulnerability - CVE-2026-21721

High
Reference: CVE-2026-21721
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-21721
Title: Grafana Incorrect Authorization Vulnerability
Overview:

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organizationinternal privilege escalation.