Low severityNVD Advisory· Published Nov 11, 2025· Updated Apr 15, 2026

CVE-2025-3717

Description

When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in

the wrong user identifier being used, and information for which the viewer is not authorized being returned.

This issue affects Grafana Snowflake Datasource Plugin: from 1.5.0 before 1.14.1.

Affected products

Grafana/Grafana Snowflake Datasourceinferred
Range: >=1.5.0,<1.14.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

grafana.com/security/security-advisories/cve-2025-3717/nvd

News mentions

No linked articles in our index yet.

cvss	0.065
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000