Unauthenticated Exfiltration via Confused-Deputy in Grafana MCP Server
CVE-2026-15583 Published on July 15, 2026

SSRF (confused deputy) in Grafana MCP Server via X-Grafana-URL header
A confused-deputy flaw in Grafana MCP Server allows an unauthenticated remote attacker to exfiltrate the server's environment-configured Grafana service-account token by supplying a crafted X-Grafana-URL request header. This also enables SSRF against arbitrary internal services, including cloud metadata endpoints.

Vendor Advisory NVD

Weakness Type

Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.


Products Associated with CVE-2026-15583

Want to know whenever a new CVE is published for Grafana Labs Grafana? stack.watch will email you.

 

Affected Versions

Grafana MCP Server: