PatchSiren

Grafana Labs CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

Known exploited Grafana Labs CVE published 2025-10-09

CVE-2021-43798

CVE-2021-43798 is a Grafana path traversal vulnerability that CISA lists in the Known Exploited Vulnerabilities catalog. Because CISA has marked it as known exploited, Grafana deployments should be treated as urgent remediation candidates, especially where instances are reachable by many users or exposed to the internet.