Grafana has released a set of emergency security patches after discovering a critical vulnerability in its Enterprise editions. The flaw, tracked as CVE-2025-41115, carries the maximum CVSS score of 10.0 and affects environments where the SCIM feature is enabled and used for automated user provisioning.

A recent message from CentralNic Reseller addressed to its customers reveals that the company has observed “activity outside our operational systems that we are investigating” and is taking precautionary measures. The announcement states that while there is no confirmed impact on operational systems or customer data.