VYPR
Medium severity4.3GHSA Advisory· Published Jul 17, 2025· Updated Jun 17, 2026

CVE-2025-3415

CVE-2025-3415

Description

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/grafana/grafanaGo
< 1.9.2-0.20250514160932-04111e9f2afd1.9.2-0.20250514160932-04111e9f2afd

Affected products

99

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.