Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-26517

StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8.0.15 and 11.9.0.8 are susceptible to a privilege escalation vulnerability. Successful exploit could allow an unauthorized authenticated attacker to discover Grid node names and IP addresses or modify Storage Grades.

Published

2025-09-19T19:15:38.840

Last Modified

2025-09-23T14:30:09.863

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-266

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	netapp	storagegrid	< 11.8.0.15	Yes
Application	netapp	storagegrid	< 11.9.0.8	Yes

References

https://security.netapp.com/advisory/NTAP-20250910-0004 Vendor Advisory ([email protected])