UBUNTU-CVE-2026-21722

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2026-21722

Published: 13 Feb 2026, 00:00

Last modified:13 Feb 2026, 18:15

Vulnerability Summary

Overall Risk (default)

low

21/100

CVSS Score

5.3 MEDIUM

3.1 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

13 Feb 2026, 00:00

Published

Vulnerability first disclosed

13 Feb 2026, 18:15

Last Modified

Vulnerability information updated

Description

Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any annotations that would not otherwise be visible on the public dashboard.

CVSS Metrics

v3.1•MEDIUM•Score: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Systems

ubuntu•grafana
all

References (3)

https://ubuntu.com/security/CVE-2026-21722
https://www.cve.org/CVERecord?id=CVE-2026-21722
https://grafana.com/security/security-advisories/CVE-2026-21722