90 matches found

Grafana | added 2026/05/13 | 10 views

Auth Proxy IPv6 whitelist bypass

When an IPv6 address without an explicit mask is used in the Auth Proxy allow-list, it defaults to a /32 prefix, which on IPv6 matches far more than the single host intended. Addresses that specify a mask explicitly are not affected; as an easy mitigation, add the desired mask (usually /128) to each address. Only Auth Proxy is affected; Okta, SAML, LDAP, etc. are unaffected here...

CVSS 7.4 | AI score 5.8 | EPSS 0.00271 | Exploits 0
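An added example (not Grafana's code) of the allow-list behaviour described above, in Go: a bare IPv6 entry given the legacy /32 default matches an entire 2^96-address range, while a host-mask default (/32 for IPv4, /128 for IPv6) matches only the listed host. The ip_whitelist value, the function names and the addresses are constructed for the example.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// Constructed ip_whitelist value for this example; not from a real deployment.
const exampleWhitelist = "192.168.1.10, 2001:db8::10, 2001:db8:1::/64"

// legacyDefaultBits models the behaviour the advisory describes: a bare address
// gets /32 whatever its family. /32 is one host for IPv4 but 2^96 hosts for IPv6.
func legacyDefaultBits(netip.Addr) int { return 32 }

// hostDefaultBits gives a bare address a host mask for its own family:
// /32 for IPv4, /128 for IPv6.
func hostDefaultBits(a netip.Addr) int { return a.BitLen() }

// ParseWhitelist turns a comma-separated allow-list into prefixes, applying
// defaultBits to entries that carry no explicit "/mask".
func ParseWhitelist(list string, defaultBits func(netip.Addr) int) ([]netip.Prefix, error) {
	var out []netip.Prefix
	for _, raw := range strings.Split(list, ",") {
		entry := strings.TrimSpace(raw)
		if entry == "" {
			continue
		}
		if strings.Contains(entry, "/") {
			p, err := netip.ParsePrefix(entry)
			if err != nil {
				return nil, fmt.Errorf("bad prefix %q: %w", entry, err)
			}
			out = append(out, p.Masked())
			continue
		}
		addr, err := netip.ParseAddr(entry)
		if err != nil {
			return nil, fmt.Errorf("bad address %q: %w", entry, err)
		}
		p, err := addr.Prefix(defaultBits(addr))
		if err != nil {
			return nil, err
		}
		out = append(out, p)
	}
	return out, nil
}

// Allowed reports whether the caller's source address falls inside any prefix.
func Allowed(prefixes []netip.Prefix, src string) bool {
	addr, err := netip.ParseAddr(src)
	if err != nil {
		return false
	}
	for _, p := range prefixes {
		if p.Contains(addr) {
			return true
		}
	}
	return false
}

// MissingIPv6Masks lists the entries that silently widen under the legacy
// default: bare IPv6 addresses. Run it over a config before relying on it.
func MissingIPv6Masks(list string) []string {
	var flagged []string
	for _, raw := range strings.Split(list, ",") {
		entry := strings.TrimSpace(raw)
		if strings.Contains(entry, "/") {
			continue
		}
		if addr, err := netip.ParseAddr(entry); err == nil && addr.Is6() && !addr.Is4In6() {
			flagged = append(flagged, entry)
		}
	}
	return flagged
}

func main() {
	attacker := "2001:db8:ffff::dead:beef" // shares only its first 32 bits with 2001:db8::10
	legacy, _ := ParseWhitelist(exampleWhitelist, legacyDefaultBits)
	fixed, _ := ParseWhitelist(exampleWhitelist, hostDefaultBits)
	fmt.Println("legacy /32 default allows attacker:", Allowed(legacy, attacker))
	fmt.Println("host-mask default allows attacker: ", Allowed(fixed, attacker))
	fmt.Println("entries needing an explicit mask:  ", MissingIPv6Masks(exampleWhitelist))
}
```

MissingIPv6Masks is the check to run on an existing ip_whitelist: every entry it returns should get an explicit /128 (or the intended prefix) appended, which is the mitigation the advisory gives.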
Grafana | added 2026/05/13 | 11 views

Viewer-triggered race condition in Grafana Live leads to complete server crash

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

CVSS 6.5 | AI score 5.8 | EPSS 0.00262 | Exploits 0
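The crash class behind this advisory, as an added Go illustration rather than Grafana Live's code: a map shared between request handlers without a lock. The Go runtime treats concurrent map writes as a fatal error that no recover() can catch, so one Viewer sending parallel requests can stop the whole process. The registry type and channel names are assumptions for the example; the mutex-guarded form is the fix pattern.

```go
package main

import (
	"fmt"
	"sync"
)

// UnsafeRegistry is the shape behind the crash: a plain map written from two
// goroutines. This is not a recoverable panic; the runtime aborts the process
// with "fatal error: concurrent map writes". `go test -race` reports it as a
// data race before production does. Never call Subscribe on it concurrently.
type UnsafeRegistry struct {
	subs map[string]map[string]struct{} // channel -> set of subscriber IDs
}

func (r *UnsafeRegistry) Subscribe(channel, subscriber string) {
	if r.subs[channel] == nil {
		r.subs[channel] = map[string]struct{}{} // racy write on a shared map
	}
	r.subs[channel][subscriber] = struct{}{}
}

// Registry is the hardened form: every map access goes through one RWMutex.
type Registry struct {
	mu   sync.RWMutex
	subs map[string]map[string]struct{}
}

func NewRegistry() *Registry {
	return &Registry{subs: map[string]map[string]struct{}{}}
}

func (r *Registry) Subscribe(channel, subscriber string) {
	r.mu.Lock()
	defer r.mu.Unlock()
	set, ok := r.subs[channel]
	if !ok {
		set = map[string]struct{}{}
		r.subs[channel] = set
	}
	set[subscriber] = struct{}{}
}

func (r *Registry) Unsubscribe(channel, subscriber string) {
	r.mu.Lock()
	defer r.mu.Unlock()
	if set, ok := r.subs[channel]; ok {
		delete(set, subscriber)
		if len(set) == 0 {
			delete(r.subs, channel)
		}
	}
}

// Count returns the subscriber count for a channel; readers share the lock.
func (r *Registry) Count(channel string) int {
	r.mu.RLock()
	defer r.mu.RUnlock()
	return len(r.subs[channel])
}

// HammerSubscribe simulates n concurrent Viewer requests hitting one channel,
// the trigger shape the advisory describes, and returns the final count.
func HammerSubscribe(r *Registry, channel string, n int) int {
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func(id int) {
			defer wg.Done()
			r.Subscribe(channel, fmt.Sprintf("viewer-%d", id))
		}(i)
	}
	wg.Wait()
	return r.Count(channel)
}

func main() {
	r := NewRegistry()
	fmt.Println("subscribers after 500 concurrent requests:", HammerSubscribe(r, "example/channel", 500))
}
```

The practical detection point: a single "fatal error: concurrent map writes" in the Grafana log followed by a restart is this bug class, not an OOM, and it needs only one authenticated user.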
Grafana | added 2026/05/13 | 7 views

SQL Expressions Read File From Disk

A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server’s filesystem. Only instances with the sqlExpressions feature toggle enabled are vulnerable...

CVSS 6.3 | AI score 6 | EPSS 0.00262 | Exploits 0
Grafana | added 2026/05/13 | 8 views

Grafana Live push endpoint allows unbounded memory allocation leading to OOM

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

CVSS 6.5 | AI score 5.8 | EPSS 0.00328 | Exploits 0
Grafana | added 2026/05/13 | 9 views

Users can generate Service Account tokens after permissions removal

When a user’s access to mint tokens for a service account is revoked, it is sometimes still possible to do so for a few seconds after the event. The user will eventually lose access to do this...

CVSS 5.9 | AI score 5.8 | EPSS 0.00245 | Exploits 0
Grafana | added 2026/05/13 | 8 views

IDOR in Annotations API allows unprivileged users to DELETE annotation

Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations...

CVSS 4.3 | AI score 5.8 | EPSS 0.00198 | Exploits 0
Grafana | added 2026/05/13 | 11 views

BAC in Snapshot API allows deletion of unauthorized dashboard snapshots

Any Editor could delete any snapshot, even if they have no access to read or write them...

CVSS 6.5 | AI score 5.8 | EPSS 0.00227 | Exploits 0
Grafana | added 2026/05/13 | 11 views

Grafana plugin resources can lead to unbounded memory allocation

A request to the Grafana plugin resources endpoint can cause unbounded memory allocation by reading the entire request body into memory. An authenticated user can exploit this to trigger an out-of-memory condition, potentially causing a denial of service...

CVSS 6.5 | AI score 5.8 | EPSS 0.00328 | Exploits 0
Grafana | added 2026/05/13 | 9 views

Dashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard Admin

An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege...

CVSS 7.1 | AI score 5.8 | EPSS 0.00226 | Exploits 0
Grafana | added 2026/05/13 | 9 views

Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

Using the $__timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

CVSS 6.5 | AI score 5.8 | EPSS 0.00328 | Exploits 0
Grafana | added 2026/03/30 | 8 views

Query resampling can cause unbounded memory allocations

A resample query can be used to trigger out-of-memory crashes in Grafana...

CVSS 6.5 | AI score 5.8 | EPSS 0.00376 | Exploits 0
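Both the $__timeGroup advisory and this resample advisory come down to a bucket count that nothing bounds. The following is an added Go illustration, not Grafana's implementation: the interval is parsed and rejected if zero or negative, and the bucket count is checked against a cap before any slice is allocated. The interval syntax (time.ParseDuration), the cap and the Resample function are assumptions for the example.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// maxBuckets is an assumed server-side cap; size it for your widest panel.
const maxBuckets = 100_000

var (
	ErrBadInterval    = errors.New("interval must be a positive duration")
	ErrTooManyBuckets = errors.New("time range / interval exceeds the bucket cap")
)

// ParseInterval accepts interval strings such as "5m" or "1h" (time.ParseDuration
// syntax is assumed here) and rejects zero and negative values, the missing
// check the $__timeGroup advisory describes.
func ParseInterval(raw string) (time.Duration, error) {
	d, err := time.ParseDuration(raw)
	if err != nil {
		return 0, fmt.Errorf("%w: %v", ErrBadInterval, err)
	}
	if d <= 0 {
		return 0, ErrBadInterval
	}
	return d, nil
}

// BucketCount returns how many buckets a resample over [from, to) needs and
// refuses counts that would exhaust memory. With a negative interval the naive
// "for t < to; t += interval" loop never terminates; with a tiny interval over
// a long range the count is simply enormous. Both are caught here.
func BucketCount(from, to time.Time, interval time.Duration) (int, error) {
	if interval <= 0 {
		return 0, ErrBadInterval
	}
	if !to.After(from) {
		return 0, nil
	}
	span := to.Sub(from)
	n := span / interval // integer division on int64 nanoseconds
	if span%interval != 0 {
		n++
	}
	if n > maxBuckets {
		return 0, fmt.Errorf("%w: %d > %d", ErrTooManyBuckets, n, maxBuckets)
	}
	return int(n), nil
}

// Sample is one (timestamp, value) point from a data source.
type Sample struct {
	T time.Time
	V float64
}

// Resample sums samples into fixed-width buckets, allocating only after the
// bucket count has been validated. Samples outside [from, to) are dropped.
func Resample(samples []Sample, from, to time.Time, interval time.Duration) ([]float64, error) {
	n, err := BucketCount(from, to, interval)
	if err != nil {
		return nil, err
	}
	out := make([]float64, n)
	for _, s := range samples {
		if s.T.Before(from) || !s.T.Before(to) {
			continue
		}
		out[int(s.T.Sub(from)/interval)] += s.V
	}
	return out, nil
}

func main() {
	from := time.Date(2026, 1, 1, 0, 0, 0, 0, time.UTC)
	to := from.Add(time.Hour)
	for _, raw := range []string{"5m", "0s", "-5m", "1ns"} {
		iv, err := ParseInterval(raw)
		if err == nil {
			_, err = BucketCount(from, to, iv)
		}
		fmt.Printf("interval %-4s -> %v\n", raw, err)
	}
}
```

The order matters: validate, compute the count, compare against the cap, and only then allocate. A check that runs after make() has already paid for the allocation.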
Grafana | added 2026/03/30 | 9 views

Public dashboards disclose all direct mode datasources

When using public dashboards and direct data-sources, all direct data-sources’ passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...

CVSS 7.5 | AI score 5.8 | EPSS 0.00309 | Exploits 0
Grafana | added 2026/03/30 | 10 views

OpenFeature evaluation API reads input data with no bounds

The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes...

CVSS 7.5 | AI score 6 | EPSS 0.00772 | Exploits 0
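The Live push, plugin resources and OpenFeature advisories above share one shape: a request body read whole into memory. As an added Go example (not Grafana's code), the vulnerable read beside the bounded one; the request path and the 1 MiB limit are assumed, and the handler is driven in-process with httptest so it runs offline.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// maxBodyBytes is an assumed limit for this example, not a Grafana setting.
const maxBodyBytes = 1 << 20 // 1 MiB

// UnboundedHandler is the pattern behind the three advisories: the whole body
// is read into memory, so the allocation size is whatever the client sends.
// A chunked (streaming) body carries no Content-Length, so checking that
// header alone would not help.
func UnboundedHandler(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(r.Body)
	if err != nil {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "accepted %d bytes", len(body))
}

// BoundedHandler wraps the body in http.MaxBytesReader: reads stop at the
// limit, the error is typed, and the server is told to close the connection
// so the remainder of an oversized body is never buffered.
func BoundedHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)
	body, err := io.ReadAll(r.Body)
	if err != nil {
		var tooBig *http.MaxBytesError
		if errors.As(err, &tooBig) {
			http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "accepted %d bytes", len(body))
}

// PostWithSize drives a handler in-process with a constructed body of n bytes
// and returns the HTTP status code; no network is involved.
func PostWithSize(h http.HandlerFunc, n int) int {
	// The path is illustrative; the real push endpoint path is not needed here.
	req := httptest.NewRequest(http.MethodPost, "/api/live/push/example", strings.NewReader(strings.Repeat("A", n)))
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("unbounded, 4 MiB body:", PostWithSize(UnboundedHandler, 4<<20))
	fmt.Println("bounded, 4 MiB body:  ", PostWithSize(BoundedHandler, 4<<20))
	fmt.Println("bounded, 512 B body:  ", PostWithSize(BoundedHandler, 512))
}
```

The same wrapper belongs in front of any JSON decoder: json.NewDecoder(r.Body) on an unbounded body has the same failure mode as io.ReadAll.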
Grafana | added 2026/03/30 | 10 views

RCE on Grafana via sqlExpressions

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to remote arbitrary code execution (RCE). This is enabled by a feature in Grafana OSS, so all users are recommended to update to close this attack path. Only instances with the...

CVSS 9.1 | AI score 6.6 | EPSS 0.01929 | Exploits 0
Grafana | added 2026/03/30 | 12 views

Grafana Testdata datasource can issue unbounded memory allocations

A testdata data-source can be used to trigger out-of-memory crashes in Grafana...

CVSS 6.5 | AI score 5.8 | EPSS 0.00376 | Exploits 0
Grafana | added 2026/03/25 | 9 views

Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS

The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger an out-of-memory (OOM) condition, crashing the host container. Thanks to khanmarshal for reporting this vulnerability to us via our bug boun...

CVSS 6.5 | AI score 5.8 | EPSS 0.00434 | Exploits 0
Grafana | added 2026/03/25 | 9 views

Missing Protected-field Authorization in Provisioning Contact Points API

A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission...

CVSS 5.4 | AI score 5.7 | EPSS 0.00238 | Exploits 0
Grafana | added 2026/03/16 | 9 views

S3 SSE-C Encryption Key Exposed in Plaintext via Config Endpoint

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to williamgoodfellow for reporting this vulnerability...

CVSS 7.5 | AI score 5.8 | EPSS 0.00155 | Exploits 0
Grafana | added 2026/02/25 | 10 views

Authorization bypass in Grafana datasource deletion

A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires several very stringent conditions to be met: the attacker must have admin access to the specific datasource prior to its first deletion...

CVSS 2.6 | AI score 5.8 | EPSS 0.00175 | Exploits 0
Grafana | added 2026/02/12 | 13 views

XSS in Grafana Explore stack trace

Stack traces in Grafana’s Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

CVSS 6.8 | AI score 5.8 | EPSS 0.0026 | Exploits 0
Grafana | added 2026/02/12 | 11 views

Public Dashboards time range restriction on annotations can be bypassed

Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did not leak any...

CVSS 5.3 | AI score 5.8 | EPSS 0.00327 | Exploits 0
Grafana | added 2026/01/29 | 10 views

Cross-Tenant Legacy Correlation Disclosure and Deletion

A cross-tenant isolation vulnerability was found in Grafana’s Correlations feature affecting legacy correlation records. Due to a backward compatibility condition allowing orgid = 0 records to be returned across organizations, a user with datasource management privileges could read and permanentl...

CVSS 3.3 | AI score 5.7 | EPSS 0.00204 | Exploits 0
Grafana | added 2026/01/27 | 12 views

Unauthenticated DoS in avatar cache in Grafana

Grafana is an open-source platform for monitoring and observability. The platform supports users having their own avatars, which can be sourced from the Gravatar service API. This uses a cache, to ensure that we don’t overload the service. If these requests time out after 3 seconds, a Goroutine i...

CVSS 7.5 | AI score 5.8 | EPSS 0.00618 | Exploits 0
Grafana | added 2026/01/27 | 10 views

Cross-dashboard privilege escalation via permission management

Grafana is an open-source platform for monitoring and observability. The platform supports creating dashboards, which collate various visualisation panels onto one plane. These can have per-user permissions. If a user has permission management rights on one dashboard, they could edit the...

CVSS 8.1 | AI score 7.2 | EPSS 0.00647 | Exploits 1
Grafana | added 2026/01/26 | 9 views

Grafana Loki Path Traversal - CVE-2021-36156 Bypass

The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode; by double encoding, an attacker can read files via the Ruler API endpoint /loki/api/v1/rules/namespace. Thanks to Prasanth Sundararajan for reporting this vulnerability...

CVSS 5.3 | AI score 6 | EPSS 0.01489 | Exploits 0
Grafana | added 2026/01/02 | 10 views

Exposure of Storage Secret in Pyroscope

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent COS as the storage backend, an attacker could extract the secretkey configuration value from the...

CVSS 9.1 | AI score 5.8 | EPSS 0.00406 | Exploits 0
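The Tempo /status/config and Pyroscope storage-secret advisories above (and the public-dashboards datasource password leak earlier in the list) are the same failure: a secret field serialised along with the rest of a config or object. An added Go illustration of the fix pattern, not any of those projects' code: a Secret type whose String, MarshalJSON and MarshalText methods redact, so a diagnostics dump cannot emit the value by accident. The StorageConfig fields and values are constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Secret is a string that never serialises in clear. Any config field holding
// a key, password or token uses this type, so a config dump or an object
// listing cannot leak it by accident.
type Secret string

const redacted = "********"

// String, MarshalJSON and MarshalText cover fmt, encoding/json and text-based
// encoders (YAML libraries that honour encoding.TextMarshaler included).
// There is deliberately no UnmarshalJSON: decoding a config file still works
// because Secret's underlying kind is string.
func (s Secret) String() string                { return redacted }
func (s Secret) MarshalJSON() ([]byte, error)  { return json.Marshal(redacted) }
func (s Secret) MarshalText() ([]byte, error)  { return []byte(redacted), nil }

// Reveal is the one deliberate way to read the value, at the point of use.
func (s Secret) Reveal() string { return string(s) }

// StorageConfig is a constructed object-store config with the kinds of fields
// the advisories mention: an SSE-C key and a cloud secret key.
type StorageConfig struct {
	Bucket    string `json:"bucket"`
	Endpoint  string `json:"endpoint"`
	AccessKey string `json:"access_key"`
	SecretKey Secret `json:"secret_key"`
	SSECKey   Secret `json:"sse_c_key"`
}

// RenderConfig is what a diagnostics endpoint would return to a caller.
func RenderConfig(c StorageConfig) (string, error) {
	b, err := json.MarshalIndent(c, "", "  ")
	return string(b), err
}

// LeaksAny reports whether a rendered config contains any plaintext secret;
// use it as a unit test on every diagnostics endpoint.
func LeaksAny(rendered string, secrets ...string) bool {
	for _, s := range secrets {
		if s != "" && strings.Contains(rendered, s) {
			return true
		}
	}
	return false
}

func main() {
	cfg := StorageConfig{
		Bucket:    "traces",
		Endpoint:  "s3.example.internal",
		AccessKey: "AKIAEXAMPLE", // constructed values, not real credentials
		SecretKey: Secret("example-secret-key-not-real"),
		SSECKey:   Secret("example-ssec-key-not-real"),
	}
	out, _ := RenderConfig(cfg)
	fmt.Println(out)
	fmt.Println("leaks:", LeaksAny(out, cfg.SecretKey.Reveal(), cfg.SSECKey.Reveal()))
	fmt.Printf("fmt %%v on the field also redacts: %v\n", cfg.SSECKey)
}
```

Note that the SSE-C case is worse than a normal credential leak: the key is the only thing protecting data already at rest, so rotating it means re-encrypting every object, not just issuing a new token.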
Grafana | added 2025/12/16 | 11 views

Information Leakage in Grafana Alerting

In Grafana’s alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifications:write” or “alert.notifications.receivers:test” that are granted as part of the fixed role “Contact Point Writer”, which is part of the basic role Editor - can edit...

CVSS 6.5 | AI score 5.8 | EPSS 0.00255 | Exploits 0
Grafana | added 2025/11/19 | 11 views

Incorrect privilege assignment

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user...

CVSS 10 | AI score 6 | EPSS 0.17293 | Exploits 1
Grafana | added 2025/11/11 | 10 views

CVE-2025-3717

Grafana is an open-source platform for monitoring and observability. The Grafana-Snowflake-Datasource is a plugin allowing Grafana to visualize data from Snowflake. Versions between 1.5.0 and 1.14.0 are vulnerable to a bug when OAuth passthrough is enabled and multiple users are using the same...

CVSS 2.1 | AI score 5.8 | EPSS 0.0024 | Exploits 0
Grafana | added 2025/11/11 | 9 views

CVE-2025-41116

Grafana is an open-source platform for monitoring and observability. The Grafana-Databricks-Datasource is a plugin allowing Grafana to visualize data from Databricks Enterprise. Versions between 1.6.0 and 1.12.0 are vulnerable to a bug when OAuth passthrough is enabled and multiple users are usin...

CVSS 2.1 | AI score 5.8 | EPSS 0.0024 | Exploits 0
Grafana | added 2025/10/09 | 12 views

Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

CVSS 9.9 | AI score 6.5 | EPSS 0.0058 | Exploits 0
Grafana | added 2025/09/19 | 9 views

Regex DoS in Zabbix Plugin in Grafana

Grafana is an open-source platform for monitoring and observability. Grafana-Zabbix is a plugin for Grafana for visualizing monitoring data from Zabbix and creating dashboards for analyzing metrics and realtime monitoring. Versions 5.2.1 and below contained a ReDoS vulnerability via...

CVSS 4.3 | AI score 7.3 | EPSS 0.00323 | Exploits 0
Grafana | added 2025/08/04 | 14 views

SSRF in Infinity Datasource Plugin

Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...

CVSS 6.1 | AI score 6 | EPSS 0.00283 | Exploits 0
Grafana | added 2025/07/18 | 11 views

Grafana Open Redirect in Organization Switching

An open redirect vulnerability has been identified in Grafana's organization switching functionality. Prerequisites for exploitation: multiple organizations must exist in the Grafana instance, and the victim must be in a different organization than the one specified in the URL. Fixed in versions...

CVSS 4.2 | AI score 7.2 | EPSS 0.03711 | Exploits 0
Grafana | added 2025/07/18 | 13 views

Grafana Cross-Site-Scripting (XSS) via scripted dashboards

An open redirect vulnerability has been identified in Grafana that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...

CVSS 7.6 | AI score 6.4 | EPSS 0.37565 | Exploits 0
Grafana | added 2025/07/17 | 8 views

Grafana Alerting DingDing Integration URL Exposed to Viewers

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

CVSS 4.3 | AI score 6.3 | EPSS 0.0089 | Exploits 0
Grafana | added 2025/06/17 | 10 views

Very long unicode dashboard title can hang the frontend

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to an improper input validation vulnerability in Grafana. This issue affects Grafana before 11.6.2 and is fixed in 11.6.2 and higher. Credits: Jinay Patel and Shrey Shah for...

CVSS 2.7 | AI score 5.9 | EPSS 0.00394 | Exploits 0
Grafana | added 2025/06/02 | 8 views

Authorization Bypass in Datasource Proxy

This vulnerability in Grafana’s datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

CVSS 5 | AI score 6.6 | EPSS 0.00414 | Exploits 0
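The Loki double-encoding traversal earlier in the list and this datasource proxy bypass are both path-canonicalisation bugs: the check runs on a representation the attacker can still change (one more decode, a collapsed slash). An added Go model of both, not Loki's or Grafana's code: the namespace is decoded to a fixpoint before it is inspected, and the proxy route is cleaned with path.Clean while unknown routes are denied rather than allowed. The permission names and the route table are assumptions for the example.

```go
package main

import (
	"fmt"
	"net/url"
	"path"
	"strings"
)

const maxDecodeRounds = 4

// decodeToFixpoint percent-decodes until another round changes nothing, so
// "%252e%252e" -> "%2e%2e" -> ".." is seen as "..", not as harmless text.
func decodeToFixpoint(s string) (string, error) {
	for i := 0; i < maxDecodeRounds; i++ {
		d, err := url.PathUnescape(s)
		if err != nil {
			return "", err
		}
		if d == s {
			return d, nil
		}
		s = d
	}
	return "", fmt.Errorf("more than %d layers of percent-encoding", maxDecodeRounds)
}

// NamespaceSafeOnce is the vulnerable shape: decode once, then look for "..".
// "%252e%252e%252fetc" decodes to "%2e%2e%2fetc", which passes this check, and
// becomes "../etc" when a later layer decodes it again.
func NamespaceSafeOnce(ns string) bool {
	d, err := url.PathUnescape(ns)
	if err != nil {
		return false
	}
	return !strings.Contains(d, "..") && !strings.ContainsAny(d, `/\`)
}

// NamespaceSafe decodes to a fixpoint and then requires one plain segment.
func NamespaceSafe(ns string) bool {
	d, err := decodeToFixpoint(ns)
	if err != nil || d == "" || d == "." {
		return false
	}
	return !strings.Contains(d, "..") && !strings.ContainsAny(d, `/\`)
}

// proxyRules maps a datasource sub-path to the permission a GET needs.
// Constructed for the example; Grafana's real tables differ.
var proxyRules = map[string]string{
	"/api/v1/query":  "datasources:query",
	"/api/v1/alerts": "alert.instances:read",
}

// ProxyAllowedRaw looks the raw path up and, finding no rule for
// "/api/v1//query", falls through to allow: a default-allow check that a
// doubled slash sidesteps.
func ProxyAllowedRaw(p string, perms map[string]bool) bool {
	need, ok := proxyRules[p]
	if !ok {
		return true
	}
	return perms[need]
}

// ProxyAllowed cleans the path first (collapsing "//", "/./" and "/../") and
// denies any route the table does not name.
func ProxyAllowed(p string, perms map[string]bool) bool {
	need, ok := proxyRules[path.Clean("/"+p)]
	if !ok {
		return false
	}
	return perms[need]
}

func main() {
	evil := "%252e%252e%252fetc%252fpasswd"
	fmt.Println("single-decode check passes:", NamespaceSafeOnce(evil), " fixpoint check passes:", NamespaceSafe(evil))
	viewer := map[string]bool{} // no datasource query permission
	fmt.Println("raw match allows //:", ProxyAllowedRaw("/api/v1//query", viewer), " clean match allows //:", ProxyAllowed("/api/v1//query", viewer))
}
```

Two habits fall out of this: canonicalise exactly once, at the edge, and pass only the canonical form inward; and make the authorisation table deny by default, so an input that dodges every rule is rejected rather than waved through.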
Grafana | added 2025/06/02 | 7 views

Authorization vulnerability in /apis allows authenticated users to bypass all dashboard permissions

A security vulnerability in the /apis/dashboard.grafana.app/ endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1). Impact: Viewers can view all dashboards/folders regardless of permissions; Editors...

CVSS 8.3 | AI score 7.3 | EPSS 0.00484 | Exploits 0
Grafana | added 2025/05/22 | 11 views

Organization admin can delete server admin in Grafana

An access control vulnerability was discovered in Grafana where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: An Organization administrator exists...

CVSS 5.5 | AI score 6.9 | EPSS 0.00378 | Exploits 0
Grafana | added 2025/05/21 | 10 views

Grafana Cross-Site-Scripting (XSS) via custom loaded frontend plugin

A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and an open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permission...

CVSS 7.6 | AI score 7.4 | EPSS 0.97809 | Exploits 6
Grafana | added 2025/04/23 | 10 views

XSS in Grafana XY Chart Plugin

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript. This vulnerability first appeared in Grafana v11.1.0, and is fixed in 11.6.0+security-01, 11.5.3+security-01,...

CVSS 6.8 | AI score 6.8 | EPSS 0.10611 | Exploits 0
Grafana | added 2025/01/31 | 9 views

Grafana Alerting VictorOps integration exposed to Viewers

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...

CVSS 4.3 | AI score 6.7 | EPSS 0.00368 | Exploits 0
Grafana | added 2024/11/12 | 8 views

Privilege escalation vulnerability for Organizations in Grafana

A privilege escalation vulnerability allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant. This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana...

CVSS 5.1 | AI score 6.6 | EPSS 0.00213 | Exploits 0
Grafana | added 2024/10/28 | 9 views

Org admin can delete pending invites in different org

Organization admins can delete pending invites created in an organization they are not part of...

CVSS 2.7 | AI score 6.7 | EPSS 0.00496 | Exploits 0
Grafana | added 2024/10/17 | 10 views

Grafana SQL Expressions allow for remote code execution

The SQL Expressions experimental feature of Grafana allows for the evaluation of DuckDB queries containing user input. These queries are insufficiently sanitized before being passed to DuckDB, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or high...

CVSS 9.9 | AI score 6.8 | EPSS 0.97781 | Exploits 10
Grafana | added 2024/09/26 | 12 views

Grafana alerting wrong permission on datasource rule write endpoint

In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules. This vulnerability first appeared in Grafana v8.5.0, and is fixed in v11.2.1, v11.1.6, v11.0.5, v10.4.9, and v10.3.10...

CVSS 5.1 | AI score 5.8 | EPSS 0.00583 | Exploits 0
Grafana | added 2024/09/25 | 12 views

Grafana Alloy unquoted service path

On a Windows machine, the Grafana Alloy service prior to 1.3.3 is vulnerable to a privilege escalation from local user to SYSTEM due to an unquoted service path. It is recommended that you remove the Grafana Alloy installation and do a clean install; an update will not resolve the issue. An...

CVSS 7.8 | AI score 5.7 | EPSS 0.003 | Exploits 0
Grafana | added 2024/09/25 | 10 views

Grafana Agent flow mode unquoted service path

On a Windows machine, the Grafana Agent Flow mode service prior to version 0.43.1 is vulnerable to a privilege escalation from local user to SYSTEM due to an unquoted service path. It is recommended that you remove the Grafana Agent Flow installation and do a clean install; an update will not...

CVSS 7.8 | AI score 5.7 | EPSS 0.00264 | Exploits 0
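Why an unquoted service path is exploitable, for the Alloy and Agent Flow advisories above: Windows resolves a command line with spaces and no quotes by trying each space-delimited prefix with .exe appended until a file exists, so every prefix before the real executable is a location where a local user with write access gets code run as SYSTEM at service start. The Go code below is an added illustration, not the projects' installers; the ImagePath values are constructed. It lists those candidate locations and shows the quoted form that removes them.

```go
package main

import (
	"fmt"
	"strings"
)

// HijackCandidates reproduces the CreateProcess search order for an unquoted
// path: "C:\Program Files\Grafana Alloy\alloy.exe" is tried as
// C:\Program.exe, then C:\Program Files\Grafana.exe, then the real binary.
// Each returned path is a hijack point if a non-admin can write there.
func HijackCandidates(imagePath string) []string {
	p := strings.TrimSpace(imagePath)
	if strings.HasPrefix(p, `"`) {
		return nil // quoted: the executable is unambiguous
	}
	tokens := strings.Fields(p)
	var candidates []string
	for i := range tokens {
		prefix := strings.Join(tokens[:i+1], " ")
		if strings.HasSuffix(strings.ToLower(prefix), ".exe") {
			break // this prefix is the intended binary; stop here
		}
		candidates = append(candidates, prefix+".exe")
	}
	return candidates
}

// QuoteImagePath is the fix: wrap the executable (up to and including the
// first token that ends in ".exe") in double quotes and keep the arguments.
func QuoteImagePath(imagePath string) string {
	p := strings.TrimSpace(imagePath)
	if strings.HasPrefix(p, `"`) {
		return p
	}
	tokens := strings.Fields(p)
	for i := range tokens {
		prefix := strings.Join(tokens[:i+1], " ")
		if strings.HasSuffix(strings.ToLower(prefix), ".exe") {
			rest := strings.Join(tokens[i+1:], " ")
			if rest != "" {
				rest = " " + rest
			}
			return `"` + prefix + `"` + rest
		}
	}
	return p
}

func main() {
	// Constructed ImagePath values in the shape of the affected installs.
	for _, ip := range []string{
		`C:\Program Files\Grafana Alloy\alloy.exe run C:\alloy\config.alloy`,
		`"C:\Program Files\Grafana Alloy\alloy.exe" run C:\alloy\config.alloy`,
		`C:\alloy\alloy.exe run C:\alloy\config.alloy`,
	} {
		fmt.Printf("%s\n  hijack candidates: %v\n  quoted: %s\n", ip, HijackCandidates(ip), QuoteImagePath(ip))
	}
}
```

This is why the advisories say a clean reinstall is needed: the fixed installer writes a quoted ImagePath, while an in-place update that leaves the existing service registration alone leaves the unquoted path in place.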
Grafana | added 2024/09/19 | 9 views

Information Leakage in grafana-plugin-sdk-go

The Grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running git remote get-url origin. If credentials are included in the repository URI (for instance, to allow for fetching of private...

CVSS 9.1 | AI score 5.8 | EPSS 0.00519 | Exploits 0
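An added Go example (not the grafana-plugin-sdk-go code) of the scrub a build step would want before embedding the remote URL described above: the user-info component is stripped with net/url, and a separate check flags remotes that still carry credentials so CI can fail the build instead of shipping them. The remote URLs are constructed; the tokens are placeholders.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// ScrubRemote returns the remote URL with any user:password@ removed.
// "git remote get-url origin" returns https://user:TOKEN@host/org/repo.git
// when a token was used to clone a private repository; that user-info part is
// what must never reach the binary. scp-like remotes (git@host:org/repo.git)
// have no scheme and carry no embedded secret, so they are returned unchanged.
func ScrubRemote(remote string) (string, error) {
	remote = strings.TrimSpace(remote)
	if !strings.Contains(remote, "://") {
		return remote, nil
	}
	u, err := url.Parse(remote)
	if err != nil {
		return "", err
	}
	u.User = nil
	return u.String(), nil
}

// HasEmbeddedCredentials reports whether the remote carries user-info at all,
// including a bare username, which still identifies a bot account.
func HasEmbeddedCredentials(remote string) bool {
	remote = strings.TrimSpace(remote)
	if !strings.Contains(remote, "://") {
		return false
	}
	u, err := url.Parse(remote)
	return err == nil && u.User != nil && u.User.String() != ""
}

func main() {
	// Constructed remotes; the tokens are placeholders, not real credentials.
	for _, r := range []string{
		"https://ci-bot:ghp_EXAMPLETOKEN@github.com/example-org/example-plugin.git",
		"https://oauth2:EXAMPLETOKEN@gitlab.example.com/group/plugin.git",
		"https://github.com/example-org/example-plugin.git",
		"git@github.com:example-org/example-plugin.git",
	} {
		clean, _ := ScrubRemote(r)
		fmt.Printf("creds=%-5v %s\n        -> %s\n", HasEmbeddedCredentials(r), r, clean)
	}
}
```

Scrubbing is the belt; the braces is not putting the token in the remote URL in the first place (a credential helper or an SSH deploy key keeps it out of anything `git remote get-url` can return).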
Total number of security vulnerabilities: 90