Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
2.3
CVE-2026-22051: StorageGRID: Low-Privilege Users Can Access Unauthorized Data
CVE-2026-22051
Summary
StorageGRID versions prior to 11.9.0.13 and 12.0.0.6 have a security issue that allows people with limited access to view sensitive information they shouldn't be able to see. This could happen if an attacker with low privileges uses a specific feature to access data they shouldn't have access to. To stay safe, update to the latest version or patch if available.
Original title
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attac...
Original description
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerability. Successful exploit could allow an authenticated attacker with low privileges to run arbitrary metrics queries, revealing metric results that they do not have access to.
nvd CVSS4.0
2.3
Vulnerability type
CWE-200
Information Exposure
Published: 20 Apr 2026 · Updated: 15 Jun 2026 · First seen: 20 Apr 2026