PatchSiren

Grafana Labs CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited Grafana Labs CVE published 2025-10-09

CVE-2021-43798

CVE-2021-43798 is a Grafana path traversal vulnerability that CISA lists in the Known Exploited Vulnerabilities catalog. Given that listing, Grafana deployments should be treated as urgent remediation candidates, especially instances that are reachable by many users or exposed to the internet.

Known exploited Grafana Labs CVE published 2022-08-25

CVE-2021-39226

CVE-2021-39226 is a Grafana authentication bypass vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2022-08-25, with remediation due by 2022-09-15. Grafana’s vendor advisory notes a critical security fix was released for Grafana 7.5.11 and 8.1.6 on 2021-10-05. Because this issue is listed as known exploited, organizations running Grafana should treat patching and version veri [truncated]