Browse all 85 CVE security advisories affecting Grafana. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Grafana serves as a leading open-source platform for observability, enabling users to visualize metrics, logs, and traces from diverse data sources. Despite its utility, the software has accumulated 85 recorded Common Vulnerabilities and Exposures (CVEs), reflecting a history of security challenges. Historically, these flaws frequently involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation or improper access controls in its plugin ecosystem and API endpoints. While no single catastrophic incident has defined its entire lifecycle, the high volume of CVEs indicates persistent risks in its complex architecture. Security teams must prioritize regular patching and strict configuration management to mitigate these known weaknesses, ensuring that the platform’s robust visualization capabilities do not compromise underlying infrastructure integrity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-41118 | Sensitive COS `SecretKey` exposed in plaintext via configuration API due to missing type protection — Pyroscope | 9.1 | Critical | 2026-04-15 |

This page lists every published CVE security advisory associated with Grafana. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.