Confused-Deputy Flaw in Grafana MCP Server Exposes Sensitive Tokens
CVE-2026-15583
8.6HIGH
What is CVE-2026-15583?
A vulnerable configuration in Grafana MCP Server permits unauthenticated remote attackers to exploit a confused-deputy flaw, allowing them to exfiltrate critical Grafana service-account tokens via a forged X-Grafana-URL request header. This exploitation also grants attackers the ability to perform Server-Side Request Forgery (SSRF), potentially targeting internal services and cloud metadata endpoints.
Affected Version(s)
Grafana MCP Server 0.0.0 <= 0.17.1