CVE-2026-21722

medium

Red Hat

CVSS v3 Base Score

5.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Published: February 12, 2026

Last Modified: February 12, 2026

Vendor: Red Hat

Description

Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard.

CWE

CWE-200

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References

🔗 bugzilla.redhat.com 🔗 www.cve.org 🔗 nvd.nist.gov 🔗 grafana.com

CVE-2026-21722

Vulnerability Report

Description

CWE

Affected Products

References