Grafana has released security updates to address a maximum severity security flaw that could allow privilege escalation or user impersonation under certain configurations.The vulnerability, tracked as CVE-2025-41115, carries a CVSS score of 10.0. It resides in the System for Cross-domain Identity Management (SCIM) component that allows automated user provisioning and management. First
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/11/grafana-patches-cvss-100-scim-flaw.html
