Denial of Service Vulnerability in StorageGRID by NetApp
CVE-2025-26516

5.3MEDIUM

Key Information:

Vendor: Netapp
Status: Storagegrid
Vendor: CVE Published:; 19 September 2025

What is CVE-2025-26516?

StorageGRID, developed by NetApp, is susceptible to a Denial of Service vulnerability in versions prior to 11.8.0.15 and 11.9.0.8. This flaw enables an unauthenticated attacker to disrupt services on the Admin node, potentially leading to service outages. It is essential for users of affected versions to apply the necessary updates to safeguard their systems from exploitation.

Affected Version(s)

StorageGRID 0 < 11.8.0.15

StorageGRID 0 < 11.9.0.8

References

https://security.netapp.com/advisory/NTAP-20250910-0003

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Feb 11, 2025

Netapp

What is CVE-2025-26516?

Affected Version(s)

References

CVSS V3.1

Timeline