Critical severity9.9OSV Advisory· Published Oct 9, 2025· Updated Apr 15, 2026

CVE-2025-11539

Description

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then loaded by the Chromium process.

Instances are vulnerable if:

1. The default token ("authToken") is not changed, or is known to the attacker. 2. The attacker can reach the image renderer endpoint. This issue affects grafana-image-renderer: from 1.0.0 through 4.0.16.

Affected products

Grafana/Grafana Image RendererOSV
Range: v1.0.0, v1.0.1, v1.0.10, …

Patches

1858c2c51347

https://github.com/grafana/grafana-image-renderervia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.643
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000