Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Grafana Insecure Default Initialization of Resource Vulnerability - CVE-2026-33376 - Vulnerability Database
Grafana

Grafana Insecure Default Initialization of Resource Vulnerability - CVE-2026-33376

High
Reference: CVE-2026-33376
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-33376
Title: Grafana Insecure Default Initialization of Resource Vulnerability
Overview:

When using an IPv6 allow-list for the Auth Proxy feature it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected to mitigate easily add the desired mask (usually /128) to the addresses. Only auth proxy is affected Okta SAML LDAP etc are unaffected here.