Bleeping Computer

Grafana warns of max severity admin spoofing vulnerability

Grafana Labs is warning of a maximum severity vulnerability (CVE-2025-41115) in its Enterprise product that can be exploited to treat new users as administrators or for privilege escalation. The issue ...
Infosecurity-magazine.com

Over a Third of Grafana Instances Exposed to XSS Flaw

Security researchers have urged DevOps teams to patch a high-severity flaw in popular tool Grafana that could be putting them at risk of account takeover attacks. Ox Security warned on Sunday that CVE ...
heise online

Security: Attackers can execute their own commands via Grafana vulnerability

The data visualization tool Grafana is vulnerable, and attackers can execute their own commands on systems and view passwords, among other things. Grafana is a cross-platform open source application ...
Pro-Linux

Sicherheit: Cross-Site Scripting in grafana

Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Grafana ...