CVE-2025-3580 | Grafana up to 12.0.0 /api/org/users/ access control

A vulnerability, which was classified as problematic, was found in Grafana up to 12.0.0. This affects an unknown part of the file /api/org/users/. The manipulation leads to improper access controls.

This vulnerability is uniquely identified as CVE-2025-3580. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More