PatchSiren cyber security CVE debrief
CVE-2026-33381 Grafana CVE debrief
CVE-2026-33381 is a vulnerability in Grafana that allows users to mint tokens for a service account for a short period after their access has been revoked. The vulnerability has a CVSS score of 5.9 and is classified as MEDIUM severity. Grafana has released an advisory for this vulnerability.
- Vendor: Grafana
- Product: Grafana OSS
- CVSS: MEDIUM 5.9
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-13
- Original CVE updated: 2026-06-17
- Advisory published: 2026-05-13
- Advisory updated: 2026-06-17
Who should care
Users of Grafana, especially those who have configured service accounts and token management, should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability occurs when a user's access to mint tokens for a service account is revoked. For a few seconds after the revocation event, the user may still be able to mint tokens. Eventually, the user will lose access to this functionality.
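One way to look for tokens minted in the window described above, as an added example that is not from Grafana or the vendor advisory. The event fields, action names, sample events and the 60-second default window are constructed assumptions, not Grafana's audit-log schema.

```python
from datetime import datetime, timedelta

# Constructed sample events. Field names and action names are hypothetical,
# not Grafana's audit-log schema; map your own log source onto them.
SAMPLE_EVENTS = [
    {"ts": "2026-05-20T10:00:00Z", "action": "permission_revoked", "user": "alice", "sa": "sa-ci"},
    {"ts": "2026-05-20T10:00:03Z", "action": "token_created", "user": "alice", "sa": "sa-ci", "token": "ci-extra"},
    {"ts": "2026-05-20T09:59:58Z", "action": "token_created", "user": "alice", "sa": "sa-ci", "token": "ci-before"},
    {"ts": "2026-05-20T10:05:00Z", "action": "token_created", "user": "bob", "sa": "sa-ci", "token": "ci-deploy"},
    {"ts": "2026-05-20T11:00:00Z", "action": "permission_revoked", "user": "carol", "sa": "sa-reports"},
    {"ts": "2026-05-20T11:00:02Z", "action": "token_created", "user": "carol", "sa": "sa-ci", "token": "ci-carol"},
    {"ts": "2026-05-20T12:00:00Z", "action": "permission_revoked", "user": "dave", "sa": "sa-ci"},
    {"ts": "2026-05-20T12:00:01Z", "action": "permission_granted", "user": "dave", "sa": "sa-ci"},
    {"ts": "2026-05-20T12:00:02Z", "action": "token_created", "user": "dave", "sa": "sa-ci", "token": "ci-dave"},
]


def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp such as 2026-05-20T10:00:00Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def tokens_minted_after_revocation(events, window_seconds=60):
    """Return token_created events that follow a revocation for the same
    (user, service account) pair within window_seconds, with no re-grant between."""
    window = timedelta(seconds=window_seconds)
    revoked_at = {}  # (user, sa) -> time of the revocation currently in force
    findings = []
    for ev in sorted(events, key=lambda e: parse_ts(e["ts"])):  # logs may arrive out of order
        key, ts = (ev["user"], ev["sa"]), parse_ts(ev["ts"])
        if ev["action"] == "permission_revoked":
            revoked_at[key] = ts
        elif ev["action"] == "permission_granted":
            revoked_at.pop(key, None)  # a re-grant makes later tokens legitimate
        elif ev["action"] == "token_created" and key in revoked_at:
            delay = ts - revoked_at[key]
            if delay <= window:
                findings.append({"user": ev["user"], "sa": ev["sa"], "token": ev["token"],
                                 "seconds_after_revocation": delay.total_seconds()})
    return findings


if __name__ == "__main__":
    for finding in tokens_minted_after_revocation(SAMPLE_EVENTS):
        print(finding)
```

Tokens returned by this check were created by a user whose permission on that service account had already been revoked, so they are candidates for review and deletion.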
Defensive priority
MEDIUM
Recommended defensive actions
- Users should update Grafana to a version that patches this vulnerability. Affected versions include Grafana 11.6.0 to 11.6.14, 12.2.0 to 12.2.8, 12.3.0 to 12.3.6, 12.4.0 to 12.4.3, and 13.0.0 to 13.0.1.
- Refer to the vendor advisory listed under Official resources for detailed mitigation strategies and patch information.
Evidence notes
The CVE record and details are sourced from official databases and Grafana's security advisory.
Official resources
- CVE-2026-33381 CVE record (CVE.org)
- CVE-2026-33381 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference ([email protected] - Vendor Advisory)
CVE-2026-33381 was published on 2026-05-13T20:16:20.803Z and modified on 2026-06-16T19:28:22.597Z.