Unrated severityNVD Advisory· Published Feb 12, 2026· Updated Apr 24, 2026
Public Dashboards time range restriction on annotations can be bypassed
CVE-2026-21722
Description
Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange.
This did not leak any annotations that would not otherwise be visible on the public dashboard.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
66- osv-coords64 versionspkg:apk/chainguard/grafana-11.5pkg:apk/chainguard/grafana-12.0pkg:apk/wolfi/grafana-11.5pkg:apk/wolfi/grafana-12.0pkg:bitnami/grafanapkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/golang-github-boynux-squid_exporter&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/golang-github-lusitaniae-apache_exporter&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/golang-github-prometheus-promu&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/golang-github-QubitProducts-exporter_exporter&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/grafana&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/prometheus-blackbox_exporter&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5pkg:rpm/suse/dracut-wireless&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/dracut-wireless&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5pkg:rpm/suse/golang-github-boynux-squid_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-boynux-squid_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/golang-github-prometheus-alertmanager&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/golang-github-prometheus-promu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/grafana&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/grafana&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/grafana&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/mgr-push&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/Multi-Linux-ManagerTools-Beta-SLE-Micro-release&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5pkg:rpm/suse/prometheus-postgres_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/python-defusedxml&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/rhnlib&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/supportutils-plugin-susemanager-client&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-15pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20Beta%20SLE-Micro-5
< 11.5.10-r2+ 63 more
- (no CPE)range: < 11.5.10-r2
- (no CPE)range: < 12.0.10-r0
- (no CPE)range: < 11.5.10-r2
- (no CPE)range: < 12.0.10-r0
- (no CPE)range: >= 9.3.0, < 11.6.10
- (no CPE)range: < 1.1.0-150000.1.65.1
- (no CPE)range: < 1.13.0-150000.1.12.1
- (no CPE)range: < 1.0.10-150000.1.26.1
- (no CPE)range: < 0.17.0-150000.3.30.1
- (no CPE)range: < 0.4.0-150000.1.21.1
- (no CPE)range: < 11.6.11-150200.3.83.1
- (no CPE)range: < 11.6.14+security01-1.1
- (no CPE)range: < 0.26.0-150000.1.30.2
- (no CPE)range: < 5.0.15-150000.3.142.1
- (no CPE)range: < 1.1.0-150000.1.65.1
- (no CPE)range: < 1.1.0-150000.1.65.1
- (no CPE)range: < 1.1.0-159000.2.2.1
- (no CPE)range: < 1.1.0-159000.2.2.1
- (no CPE)range: < 0.1.1595937550.0285244-159000.2.2.1
- (no CPE)range: < 0.1.1595937550.0285244-159000.2.2.1
- (no CPE)range: < 1.13.0-150000.1.12.1
- (no CPE)range: < 1.13.0-159000.2.2.1
- (no CPE)range: < 1.0.10-150000.1.26.1
- (no CPE)range: < 1.0.10-159000.2.2.1
- (no CPE)range: < 1.0.10-150002.3.6.1
- (no CPE)range: < 0.28.1-159000.12.2.1
- (no CPE)range: < 1.9.1-159000.4.2.1
- (no CPE)range: < 1.9.1-159000.4.2.1
- (no CPE)range: < 3.5.0-150000.3.67.1
- (no CPE)range: < 3.5.0-159000.4.3.2
- (no CPE)range: < 3.5.0-150002.3.8.1
- (no CPE)range: < 0.17.0-150000.3.30.1
- (no CPE)range: < 0.4.0-150000.1.21.1
- (no CPE)range: < 0.4.0-150000.1.21.1
- (no CPE)range: < 0.4.0-159000.2.2.1
- (no CPE)range: < 11.6.11-150200.3.83.1
- (no CPE)range: < 11.6.11-150000.1.90.1
- (no CPE)range: < 11.6.11-159000.2.3.2
- (no CPE)range: < 11.6.14+security01-150002.4.14.1
- (no CPE)range: < 5.2.3-159000.2.3.1
- (no CPE)range: < 5-159000.3.3.1
- (no CPE)range: < 0.26.0-150000.1.30.2
- (no CPE)range: < 0.26.0-150000.1.30.2
- (no CPE)range: < 0.26.0-159000.2.2.1
- (no CPE)range: < 0.26.0-150002.3.6.1
- (no CPE)range: < 0.26.0-150002.3.6.1
- (no CPE)range: < 0.10.1-159000.2.2.1
- (no CPE)range: < 0.7.1-159000.4.2.1
- (no CPE)range: < 5.2.4-159000.4.3.1
- (no CPE)range: < 5.0.15-150000.3.142.1
- (no CPE)range: < 5.2.6-159000.4.3.1
- (no CPE)range: < 5.1.13-150002.3.9.3
- (no CPE)range: < 5.2.4-159000.4.3.1
- (no CPE)range: < 1.2.3-159000.4.2.1
- (no CPE)range: < 5.2.2-159000.4.2.1
- (no CPE)range: < 5.2.3-159000.2.3.1
- (no CPE)range: < 0.1.38-150000.1.30.1
- (no CPE)range: < 0.1.38-150000.1.30.1
- (no CPE)range: < 5.2.5-159000.2.3.2
- (no CPE)range: < 5.2.5-159000.2.3.2
- (no CPE)range: < 5.1.26-150002.3.12.1
- (no CPE)range: < 5.1.26-150002.3.12.1
- (no CPE)range: < 3006.0-159000.5.3.2
- (no CPE)range: < 3006.0-159000.5.3.2
- Range: 9.3.0
Patches
Vulnerability mechanics
References
1- grafana.com/security/security-advisories/cve-2026-21722mitrevendor-advisory
News mentions
0No linked articles in our index yet.