[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-28146":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":40,"related":41,"reserved_at":9,"published_at":50,"modified_at":51,"state":52,"summary":53,"references_raw":62,"kevs":99,"epss":100,"epss_history":103,"metrics":363,"affected":374},"CVE-2021-28146","The team sync HTTP API in Grafana Enterprise 7.4.x before 7.4.5 has an Incorrect Access Control issue. On Grafana instances using an external authentication service, this vulnerability allows any authenticated user to add external groups to existing teams. This can be used to grant a user team permissions that the user isn't supposed to have.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-863","Incorrect Authorization","The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.","weakness","Incomplete","Class","High",[],[],[],[],[24,26,28,30,32,34,36,38],{"_key":25},"SUSE-SU-2021:2660-1",{"_key":27},"SUSE-SU-2021:2673-1",{"_key":29},"SUSE-SU-2021:2675-1",{"_key":31},"OPENSUSE-SU-2021:1148-1",{"_key":33},"OPENSUSE-SU-2021:1162-1",{"_key":35},"OPENSUSE-SU-2021:2662-1",{"_key":37},"OPENSUSE-SU-2021:2675-1",{"_key":39},"OPENSUSE-SU-2024:10818-1",[],[42,43,44,45,46,47,48,49],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},"2021-03-22T14:00:36.000Z","2024-08-03T21:33:17.416Z","Modified",{"cisa_kev":54,"cisa_ransomware":54,"cisa_vendor":9,"epss_severity":55,"epss_score":56,"severity":57,"severity_score":58,"severity_version":59,"severity_source":60,"severity_vector":61,"severity_status":52},false,"low",0.00248,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",[63,71,76,83,87,91,95],{"url":64,"sources":65,"tags":67},"https://community.grafana.com/t/release-notes-v6-7-x/27119",[66,60],"cve.org",[68,69,70],"X Refsource MISC","Release Notes","Vendor Advisory",{"url":72,"sources":73,"tags":74},"https://grafana.com/products/enterprise/",[66,60],[68,75,70],"Product",{"url":77,"sources":78,"tags":79},"https://www.openwall.com/lists/oss-security/2021/03/19/5",[66,60],[80,81,82],"X Refsource CONFIRM","Mailing List","Third Party Advisory",{"url":84,"sources":85,"tags":86},"https://grafana.com/blog/2021/03/18/grafana-6.7.6-7.3.10-and-7.4.5-released-with-important-security-fixes-for-grafana-enterprise/",[66,60],[80,69,70],{"url":88,"sources":89,"tags":90},"https://community.grafana.com/t/grafana-enterprise-6-7-6-7-3-10-and-7-4-5-security-update/44724",[66,60],[68,70],{"url":92,"sources":93,"tags":94},"https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-3-10/",[66,60],[68,69,70],{"url":96,"sources":97,"tags":98},"https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-4-5/",[66,60],[68,69,70],[],{"date":101,"score":56,"percentile":102},"2026-06-04",0.48243,[104,108,111,113,116,118,121,124,127,130,133,136,138,141,144,148,151,154,157,160,163,166,169,172,175,178,181,184,187,190,193,196,199,201,204,207,210,213,216,219,221,224,227,229,232,235,238,241,243,246,249,252,255,258,262,265,268,271,273,276,279,282,284,288,291,294,297,299,302,305,308,311,314,317,319,322,325,328,331,333,335,337,340,343,346,349,352,355,358,360],{"date":105,"score":106,"percentile":107},"2025-11-04",0.00265,0.49859,{"date":109,"score":106,"percentile":110},"2025-11-05",0.49848,{"date":112,"score":106,"percentile":107},"2025-11-06",{"date":114,"score":106,"percentile":115},"2025-11-07",0.49886,{"date":117,"score":106,"percentile":115},"2025-11-08",{"date":119,"score":106,"percentile":120},"2025-11-09",0.49872,{"date":122,"score":106,"percentile":123},"2025-11-10",0.49839,{"date":125,"score":106,"percentile":126},"2025-11-11",0.49855,{"date":128,"score":106,"percentile":129},"2025-11-12",0.49878,{"date":131,"score":106,"percentile":132},"2025-11-13",0.49882,{"date":134,"score":106,"percentile":135},"2025-11-14",0.49892,{"date":137,"score":106,"percentile":115},"2025-11-15",{"date":139,"score":106,"percentile":140},"2025-11-16",0.49866,{"date":142,"score":106,"percentile":143},"2025-11-17",0.49843,{"date":145,"score":146,"percentile":147},"2025-11-18",0.00334,0.53204,{"date":149,"score":146,"percentile":150},"2025-11-19",0.53218,{"date":152,"score":146,"percentile":153},"2025-11-20",0.53206,{"date":155,"score":106,"percentile":156},"2025-11-21",0.49853,{"date":158,"score":106,"percentile":159},"2025-11-22",0.49849,{"date":161,"score":106,"percentile":162},"2025-11-23",0.49811,{"date":164,"score":106,"percentile":165},"2025-11-24",0.498,{"date":167,"score":106,"percentile":168},"2025-11-25",0.49807,{"date":170,"score":106,"percentile":171},"2025-11-26",0.49799,{"date":173,"score":106,"percentile":174},"2025-11-27",0.49805,{"date":176,"score":106,"percentile":177},"2025-11-28",0.49773,{"date":179,"score":106,"percentile":180},"2025-11-29",0.4975,{"date":182,"score":106,"percentile":183},"2025-11-30",0.49739,{"date":185,"score":106,"percentile":186},"2025-12-01",0.49895,{"date":188,"score":106,"percentile":189},"2025-12-02",0.49912,{"date":191,"score":106,"percentile":192},"2025-12-03",0.49907,{"date":194,"score":106,"percentile":195},"2025-12-04",0.49747,{"date":197,"score":106,"percentile":198},"2025-12-05",0.49769,{"date":200,"score":106,"percentile":198},"2025-12-06",{"date":202,"score":106,"percentile":203},"2025-12-07",0.49759,{"date":205,"score":106,"percentile":206},"2025-12-08",0.49753,{"date":208,"score":106,"percentile":209},"2025-12-09",0.49771,{"date":211,"score":106,"percentile":212},"2025-12-10",0.49837,{"date":214,"score":106,"percentile":215},"2025-12-11",0.49858,{"date":217,"score":106,"percentile":218},"2025-12-12",0.49888,{"date":220,"score":106,"percentile":120},"2025-12-13",{"date":222,"score":106,"percentile":223},"2025-12-14",0.49856,{"date":225,"score":106,"percentile":226},"2025-12-15",0.49838,{"date":228,"score":106,"percentile":110},"2025-12-16",{"date":230,"score":106,"percentile":231},"2025-12-17",0.49873,{"date":233,"score":106,"percentile":234},"2025-12-18",0.49913,{"date":236,"score":106,"percentile":237},"2025-12-19",0.49917,{"date":239,"score":106,"percentile":240},"2025-12-20",0.49879,{"date":242,"score":106,"percentile":159},"2025-12-21",{"date":244,"score":106,"percentile":245},"2025-12-22",0.49834,{"date":247,"score":106,"percentile":248},"2025-12-23",0.49832,{"date":250,"score":106,"percentile":251},"2025-12-24",0.49842,{"date":253,"score":106,"percentile":254},"2025-12-25",0.49894,{"date":256,"score":106,"percentile":257},"2025-12-26",0.49881,{"date":259,"score":260,"percentile":261},"2025-12-27",0.00336,0.56066,{"date":263,"score":106,"percentile":264},"2025-12-28",0.49824,{"date":266,"score":106,"percentile":267},"2025-12-29",0.49813,{"date":269,"score":106,"percentile":270},"2025-12-30",0.49812,{"date":272,"score":106,"percentile":156},"2025-12-31",{"date":274,"score":106,"percentile":275},"2026-01-01",0.5002,{"date":277,"score":106,"percentile":278},"2026-01-02",0.5,{"date":280,"score":106,"percentile":281},"2026-01-03",0.4999,{"date":283,"score":106,"percentile":162},"2026-01-04",{"date":285,"score":286,"percentile":287},"2026-01-05",0.00257,0.48809,{"date":289,"score":286,"percentile":290},"2026-01-06",0.48814,{"date":292,"score":286,"percentile":293},"2026-01-07",0.48831,{"date":295,"score":286,"percentile":296},"2026-01-08",0.48854,{"date":298,"score":286,"percentile":293},"2026-01-09",{"date":300,"score":286,"percentile":301},"2026-01-10",0.48826,{"date":303,"score":286,"percentile":304},"2026-01-11",0.48807,{"date":306,"score":286,"percentile":307},"2026-01-12",0.48765,{"date":309,"score":286,"percentile":310},"2026-01-13",0.4874,{"date":312,"score":286,"percentile":313},"2026-01-14",0.48786,{"date":315,"score":286,"percentile":316},"2026-01-15",0.48787,{"date":318,"score":286,"percentile":287},"2026-01-16",{"date":320,"score":286,"percentile":321},"2026-01-17",0.48783,{"date":323,"score":286,"percentile":324},"2026-01-18",0.48755,{"date":326,"score":286,"percentile":327},"2026-01-19",0.48733,{"date":329,"score":286,"percentile":330},"2026-01-20",0.48736,{"date":332,"score":286,"percentile":330},"2026-01-21",{"date":334,"score":286,"percentile":310},"2026-01-22",{"date":336,"score":286,"percentile":316},"2026-01-23",{"date":338,"score":286,"percentile":339},"2026-01-24",0.48789,{"date":341,"score":286,"percentile":342},"2026-01-25",0.48738,{"date":344,"score":286,"percentile":345},"2026-01-26",0.48708,{"date":347,"score":286,"percentile":348},"2026-01-27",0.48714,{"date":350,"score":286,"percentile":351},"2026-01-28",0.48725,{"date":353,"score":286,"percentile":354},"2026-01-29",0.48718,{"date":356,"score":286,"percentile":357},"2026-01-30",0.48726,{"date":359,"score":286,"percentile":327},"2026-01-31",{"date":361,"score":286,"percentile":362},"2026-02-01",0.48873,[364],{"source":60,"cvss_v2_0":365,"cvss_v3_0":9,"cvss_v3_1":370,"cvss_v4_0":9},{"baseScore":366,"baseSeverity":9,"vectorString":367,"impactScore":368,"exploitabilityScore":369},4,"AV:N/AC:L/Au:S/C:N/I:P/A:N",2.9,8,{"baseScore":58,"baseSeverity":371,"vectorString":61,"impactScore":372,"exploitabilityScore":373},"MEDIUM",6,7.2,[375],{"ecosystem":9,"name":376,"vendor":376,"product":376,"cpe_part":377,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":378},"grafana","a",[379],{"version":380,"is_range":381,"range_type":382,"version_start":383,"version_start_type":384,"version_end":385,"version_end_type":386,"fixed_in":9},"gte7.4.0_lt7.4.5",true,"cpe","7.4.0","including","7.4.5","excluding"]