VYPR

Vendor CVEs

Grafana

All CVEs

122 total · sorted by risk
  • CVE-2019-15043 · Sep 3, 2019 · risk 0.07 · cvss n/a · epss 0.63

    In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.

  • CVE-2023-0507 · Mar 1, 2023 · risk 0.05 · cvss n/a · epss 0.15

    Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because map attributions weren't properly sanitized and…

  • CVE-2022-32275 · Jun 6, 2022 · risk 0.05 · cvss n/a · epss 0.09

    Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd…

  • CVE-2021-43813 · Dec 10, 2021 · risk 0.05 · cvss n/a · epss 0.58

    Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for fully lowercase or fully uppercase .md files. The vulnerability is limited in scope, and only allows access to files…

  • CVE-2022-31097 · Jul 15, 2022 · risk 0.04 · cvss n/a · epss 0.69

    Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability…

  • CVE-2022-32276 · Jun 17, 2022 · risk 0.04 · cvss n/a · epss 0.03

    Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability

  • CVE-2023-0594 · Mar 1, 2023 · risk 0.03 · cvss n/a · epss 0.09

    Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible because the values of a span's attributes/resources were not…

  • CVE-2024-9264 · Oct 18, 2024 · risk 0.01 · cvss n/a · epss 0.98

    The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user…

  • CVE-2021-28148 · Mar 22, 2021 · risk 0.01 · cvss n/a · epss 0.04

    One of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.10, and 7.4.x before 7.4.5 is accessible without any authentication. This allows any unauthenticated user to send an unlimited number of requests to the endpoint, leading to a…

  • CVE-2018-19039 · Dec 13, 2018 · risk 0.01 · cvss n/a · epss 0.07

    Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.

  • CVE-2026-42127 · Jun 22, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The public dashboard query endpoint does not limit request body size before processing, allowing unauthenticated attackers to trigger excessive memory allocation by sending arbitrarily large JSON payloads. This can lead to denial of service through memory exhaustion. No valid…
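    The fix for this class of bug is to cap the body before the JSON decoder ever sees it. The following is an added example written for this listing, not Grafana's code: the endpoint path, request shape and the 1 MiB cap are assumptions made here, and the oversized payload is constructed inline. It shows the unbounded handler beside a bounded one that answers 413 instead of allocating.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Added example for CVE-2026-42127; not Grafana's code. The request shape, the
// endpoint path and the 1 MiB cap are this example's assumptions.

const maxQueryBody = 1 << 20 // 1 MiB: assumed cap, generous for any real panel query

type queryRequest struct {
	Queries []json.RawMessage `json:"queries"`
}

// unboundedHandler reproduces the flaw: whatever the client sends is decoded in
// full, so the size of the allocation is chosen by the anonymous caller.
func unboundedHandler(w http.ResponseWriter, r *http.Request) {
	var q queryRequest
	if err := json.NewDecoder(r.Body).Decode(&q); err != nil {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// boundedHandler wraps the body before decoding. Reads fail once the cap is
// crossed, so at most maxQueryBody bytes are ever buffered for one request.
func boundedHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxQueryBody)
	var q queryRequest
	if err := json.NewDecoder(r.Body).Decode(&q); err != nil {
		var tooBig *http.MaxBytesError
		if errors.As(err, &tooBig) {
			http.Error(w, "payload too large", http.StatusRequestEntityTooLarge)
			return
		}
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// post drives a handler with an in-memory request and returns the status code.
func post(h http.HandlerFunc, body string) int {
	req := httptest.NewRequest(http.MethodPost, "/api/public/dashboards/abc123/panels/1/query", strings.NewReader(body))
	req.Header.Set("Content-Type", "application/json")
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code
}

// oversizedBody is a constructed, syntactically valid payload just over the cap.
func oversizedBody() string {
	return `{"queries":[{"refId":"` + strings.Repeat("A", maxQueryBody) + `"}]}`
}

func main() {
	fmt.Println("unbounded handler status:", post(unboundedHandler, oversizedBody()))
	fmt.Println("bounded handler status:  ", post(boundedHandler, oversizedBody()))
}
```

    The cap belongs on the public (unauthenticated) route specifically; a global server-wide limit is a reasonable second line, but the per-handler MaxBytesReader is what keeps an attacker from choosing the allocation size.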

  • CVE-2026-28381 · Jun 22, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The Snowflake datasource allows for GET/PUT commands, which can allow any user with access to run queries against the data source to read/write files between the local grafana server and the connected Snowflake host.

  • CVE-2026-9029 · Jun 22, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The geomap panel's XYZ tile layer has a sanitize-then-interpolate ordering bug. sanitizeTextPanelContent() runs on the raw template string before getTemplateSrv().replace() substitutes the variable value, which uses the glob format with no HTML escaping. The result is passed to…
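    The ordering described above is the whole bug: a sanitizer that runs before variable substitution only ever inspects the harmless template text. The following is an added example for this listing, not Grafana's code; html.EscapeString stands in for the panel's sanitizer and a plain ${name} substitution stands in for the template service, both simplifications made here. The tile URL template and the variable value are constructed.

```go
package main

import (
	"fmt"
	"html"
	"strings"
)

// Added example of the sanitize-then-interpolate ordering bug in CVE-2026-9029;
// not Grafana's code. html.EscapeString and the ${name} substitution below are
// stand-ins chosen for this illustration.

// interpolate substitutes ${name} placeholders with the supplied variable values,
// performing no escaping of the values (the "glob" format in the advisory).
func interpolate(tpl string, vars map[string]string) string {
	out := tpl
	for k, v := range vars {
		out = strings.ReplaceAll(out, "${"+k+"}", v)
	}
	return out
}

// sanitizeThenInterpolate is the vulnerable order: the sanitizer only sees the
// template, and the variable value is pasted in afterwards untouched.
func sanitizeThenInterpolate(tpl string, vars map[string]string) string {
	return interpolate(html.EscapeString(tpl), vars)
}

// interpolateThenSanitize substitutes first, so whatever the variable carried is
// escaped before the string reaches the DOM.
func interpolateThenSanitize(tpl string, vars map[string]string) string {
	return html.EscapeString(interpolate(tpl, vars))
}

func main() {
	// Constructed inputs: an XYZ tile template and a dashboard variable whose value
	// closes the attribute and injects markup.
	tpl := "https://tiles.example/${layer}/{z}/{x}/{y}.png"
	vars := map[string]string{"layer": `"><img src=x onerror=alert(1)>`}
	fmt.Println("vulnerable order:", sanitizeThenInterpolate(tpl, vars))
	fmt.Println("fixed order:     ", interpolateThenSanitize(tpl, vars))
}
```

    The same check applies to any "sanitize once, then template" pipeline: the sanitizer has to run on the final string, or the substituted values have to be escaped by the substitution format itself.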

  • CVE-2026-10601 · Jun 22, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The Tempo and Loki datasource plugins construct backend HTTP requests by interpolating user-supplied input into URL paths without sanitization, enabling path traversal. A Viewer-role user can: (1) capture admin-configured datasource credentials (secureJsonData custom headers) by…

  • CVE-2026-42129 · Jun 22, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The Loki datasource plugin's callResource handler contains a path traversal vulnerability. An authenticated Viewer-role user can escape the plugin's resource sandbox and access administrative Loki endpoints (e.g. /config, /services, /ready) to extract sensitive backend…
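    Both the Tempo/Loki traversal (CVE-2026-10601) and this callResource traversal come down to a caller-supplied sub-path being concatenated onto a backend URL. The following is an added example for this listing, not the Grafana or Loki plugin code: it assumes the plugin proxies a sub-path onto a fixed API prefix, and the prefix "/loki/api/v1", the base URL and the test paths are assumptions made here. It shows the concatenating version beside one that decodes, cleans and re-checks the prefix, and also handles the double-encoded case by re-escaping the path it forwards.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

// Added example for the resource-path traversal in CVE-2026-10601 and
// CVE-2026-42129; not Grafana's or the Loki plugin's code. The API prefix and the
// base URL are this example's assumptions.

const allowedPrefix = "/loki/api/v1"

// vulnerableResourceURL concatenates the caller's path. Dot segments walk out of
// the prefix, and the upstream server normalizes them before routing.
func vulnerableResourceURL(base, userPath string) string {
	return base + allowedPrefix + "/" + userPath
}

// upstreamPath shows what a dot-segment-normalizing upstream would route on.
func upstreamPath(rawURL string) string {
	u, err := url.Parse(rawURL)
	if err != nil {
		return ""
	}
	return path.Clean(u.Path)
}

// safeResourceURL decodes, cleans, then re-checks that the result is still under
// the prefix. Cleaning alone is not enough; the prefix check is what rejects a
// path that climbed above it. Building the URL through url.URL re-escapes any
// literal '%' left after one decode, so an upstream that decodes again cannot be
// tricked with "%252e%252e".
func safeResourceURL(base, userPath string) (string, error) {
	decoded, err := url.PathUnescape(userPath) // catch "..%2F" as well as "../"
	if err != nil {
		return "", err
	}
	joined := path.Join(allowedPrefix, "/"+decoded) // Clean() resolves "." and ".."
	if !strings.HasPrefix(joined, allowedPrefix+"/") {
		return "", errors.New("resource path escapes the data source API prefix")
	}
	u, err := url.Parse(base)
	if err != nil {
		return "", err
	}
	u.Path = joined
	return u.String(), nil
}

func main() {
	base := "http://loki:3100" // assumed backend address
	bad := vulnerableResourceURL(base, "../../../config")
	fmt.Println("vulnerable forwards:", bad, "-> upstream routes", upstreamPath(bad))
	_, err := safeResourceURL(base, "../../../config")
	fmt.Println("safe version rejects:", err)
	ok, _ := safeResourceURL(base, "query_range")
	fmt.Println("safe version forwards:", ok)
}
```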

  • CVE-2026-27878 · Jun 19, 2026 · risk 0.00 · cvss n/a · epss 0.00

    A TraceQL query in Grafana Tempo with a large exemplars hint value can cause the Tempo instance to allocate an excessive amount of memory, resulting in an out-of-memory crash. This could allow an authenticated user to trigger a denial of service against the Tempo service.

  • CVE-2026-32117 · Mar 11, 2026 · risk 0.00 · cvss n/a · epss 0.00

    The grafanacubism-panel plugin allows use of cubism.js in Grafana. In 0.1.2 and earlier, the panel's zoom-link handler passes a dashboard-editor-supplied URL directly to window.location.assign() / window.open() with no scheme validation. An attacker with dashboard Editor…

  • CVE-2025-41117 · Feb 12, 2026 · risk 0.00 · cvss n/a · epss 0.00

    Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected;…

  • CVE-2026-21722 · Feb 12, 2026 · risk 0.00 · cvss n/a · epss 0.00

    Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did…

  • CVE-2026-21720 · Jan 27, 2026 · risk 0.00 · cvss n/a · epss 0.01

    Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an…
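    The leak pattern above is a textbook Go one: a goroutine that sends on an unbuffered channel after its only receiver has returned. The following is an added example written for this listing, not Grafana's avatar code. It assumes the result is sent on an unbuffered channel (the advisory text is cut off before naming it) and shortens the 3 s timeout to tens of milliseconds so it runs quickly; the "refresh" is a constructed sleep, not a Gravatar request. It shows the leaky shape, the one-slot-buffer fix, and a probe that reports whether the background goroutine ever exited.

```go
package main

import (
	"context"
	"fmt"
	"time"
)

// Added illustration of the goroutine leak described in CVE-2026-21720; not
// Grafana's code. Assumptions: the refresh result is sent on an unbuffered channel,
// and the handler stops waiting after a fixed timeout.

type fetchFn func(ctx context.Context, work func() []byte, exited chan<- struct{}) ([]byte, error)

// leakyFetch mirrors the bug: the spawned goroutine sends on an unbuffered channel.
// If the handler returns on ctx.Done() first, no receiver ever arrives and the
// goroutine blocks on the send for the life of the process.
func leakyFetch(ctx context.Context, work func() []byte, exited chan<- struct{}) ([]byte, error) {
	ch := make(chan []byte) // unbuffered: the send completes only when someone receives
	go func() {
		defer close(exited) // reached only after the send completes
		ch <- work()
	}()
	select {
	case b := <-ch:
		return b, nil
	case <-ctx.Done():
		return nil, ctx.Err() // handler gives up; ch now has no receiver
	}
}

// fixedFetch gives the channel a buffer of one. The goroutine can always deposit
// its result and exit, whether or not the handler is still listening.
func fixedFetch(ctx context.Context, work func() []byte, exited chan<- struct{}) ([]byte, error) {
	ch := make(chan []byte, 1)
	go func() {
		defer close(exited)
		ch <- work() // never blocks: the single buffer slot is free
	}()
	select {
	case b := <-ch:
		return b, nil
	case <-ctx.Done():
		return nil, ctx.Err()
	}
}

// goroutineExits runs one fetch with a handler timeout and a slow refresh, then
// reports whether the background goroutine finished (true) or is stuck (false).
func goroutineExits(fetch fetchFn, handlerTimeout, refreshDelay time.Duration) bool {
	exited := make(chan struct{})
	ctx, cancel := context.WithTimeout(context.Background(), handlerTimeout)
	defer cancel()
	work := func() []byte {
		time.Sleep(refreshDelay) // constructed stand-in for the Gravatar round trip
		return []byte("avatar-bytes")
	}
	_, _ = fetch(ctx, work, exited)
	select {
	case <-exited:
		return true
	case <-time.After(4 * refreshDelay):
		return false // still parked on the send: this is the leak
	}
}

func main() {
	fmt.Println("leaky goroutine exits:", goroutineExits(leakyFetch, 50*time.Millisecond, 150*time.Millisecond))
	fmt.Println("fixed goroutine exits:", goroutineExits(fixedFetch, 50*time.Millisecond, 150*time.Millisecond))
}
```

    In a long-running server the leaked goroutines are visible as a monotonically growing go_goroutines gauge under avatar traffic; a buffered result channel, or a select on ctx.Done() inside the worker, is the usual fix.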

  • CVE-2025-41115 · Nov 21, 2025 · risk 0.00 · cvss n/a · epss 0.17

    SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a…

  • CVE-2024-10452 · Oct 29, 2024 · risk 0.00 · cvss n/a · epss 0.01

    Organization admins can delete pending invites created in an organization they are not part of.

  • CVE-2024-8975 · Sep 25, 2024 · risk 0.00 · cvss n/a · epss 0.00

    Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM. This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1.

  • CVE-2024-5526 · Jun 5, 2024 · risk 0.00 · cvss n/a · epss 0.00

    Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall, from version 1.1.37 before 1.5.2 are vulnerable to a Server Side…

  • CVE-2023-31634 · Mar 27, 2024 · risk 0.00 · cvss n/a · epss 0.01

    In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the…

  • CVE-2024-1442 · Mar 7, 2024 · risk 0.00 · cvss n/a · epss 0.01

    A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
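    Why a UID of * is dangerous: in a scope-string access model, the grant written for the new data source is byte-identical to the wildcard grant. The following is an added example for this listing, not Grafana's RBAC code. It assumes a scope of the form "datasources:uid:<uid>" with a trailing "*" meaning every data source, and that creating a data source grants the creator scopes naming its UID; both are assumptions made here. It shows the unvalidated create beside a UID validator that refuses anything outside a safe character set.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Added example for CVE-2024-1442; not Grafana's code. The scope string format,
// the wildcard convention and the creator grant are this example's assumptions.

const dsScopePrefix = "datasources:uid:"

// scopeMatches reports whether a granted scope covers a requested one. A granted
// scope ending in "*" is a wildcard over everything that shares its prefix.
func scopeMatches(granted, requested string) bool {
	if granted == requested {
		return true
	}
	if strings.HasSuffix(granted, "*") {
		return strings.HasPrefix(requested, strings.TrimSuffix(granted, "*"))
	}
	return false
}

// validUID is the character set this example accepts. The point is that "*" and
// the scope separator ":" must never be a literal UID, because the scope string
// for that UID would collide with the wildcard form.
var validUID = regexp.MustCompile(`^[A-Za-z0-9_-]{1,40}$`)

func validateUID(uid string) error {
	if !validUID.MatchString(uid) {
		return errors.New("invalid data source uid")
	}
	return nil
}

// createDataSource simulates the grant the creator receives for a new data source.
// With validate=false it reproduces the bug; with validate=true it rejects "*".
func createDataSource(uid string, validate bool) ([]string, error) {
	if validate {
		if err := validateUID(uid); err != nil {
			return nil, err
		}
	}
	return []string{dsScopePrefix + uid}, nil
}

// canAccess asks whether any granted scope covers the data source with targetUID.
func canAccess(granted []string, targetUID string) bool {
	for _, g := range granted {
		if scopeMatches(g, dsScopePrefix+targetUID) {
			return true
		}
	}
	return false
}

func main() {
	granted, _ := createDataSource("*", false)
	fmt.Println("unvalidated uid * reaches prod-postgres:", canAccess(granted, "prod-postgres"))
	_, err := createDataSource("*", true)
	fmt.Println("validated create rejected:", err != nil)
}
```

    The general lesson is that any identifier that gets embedded in an authorization scope string has to be validated against the scope grammar, not just checked for uniqueness.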

  • CVE-2023-5122 · Feb 14, 2024 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. The CSV datasource plugin is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing CSV data from a remote endpoint configured by an administrator. If this plugin was configured…

  • CVE-2023-5123 · Feb 14, 2024 · risk 0.00 · cvss n/a · epss 0.01

    The JSON datasource plugin ( https://grafana.com/grafana/plugins/marcusolsson-json-datasource/ ) is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing JSON data from a remote endpoint (including a specific sub-path) configured by an…

  • CVE-2023-6152 · Feb 13, 2024 · risk 0.00 · cvss n/a · epss 0.01

    A user who changes their email after signing up and verifying it can do so without verification in profile settings: the configuration option "verify_email_enabled" validates the email only on sign up.

  • CVE-2023-3010 · Oct 25, 2023 · risk 0.00 · cvss n/a · epss 0.00

    Grafana is an open-source platform for monitoring and observability. The WorldMap panel plugin, versions before 1.0.4 contains a DOM XSS vulnerability.

  • CVE-2023-4399 · Oct 17, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Request security is a deny list that allows admins to configure Grafana in a way so that the instance doesn't call specific hosts. However, the restriction can be bypassed using…

  • CVE-2023-4457 · Oct 16, 2023 · risk 0.00 · cvss n/a · epss 0.00

    Grafana is an open-source platform for monitoring and observability. The Google Sheets data source plugin for Grafana, versions 0.9.0 to 1.2.2 are vulnerable to an information disclosure vulnerability. The plugin did not properly sanitize error messages, making it potentially…

  • CVE-2023-4822 · Oct 16, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. The vulnerability impacts Grafana instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer,…

  • CVE-2023-3128 · Jun 22, 2023 · risk 0.00 · cvss n/a · epss 0.04

    Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.
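    The account-linking mistake is using a mutable, non-unique claim as the identity key. The following is an added example for this listing, not Grafana's Azure AD code: it assumes the id_token has already been signature-verified and carries Azure AD's object id ("oid") and tenant id ("tid") next to "email", and the account table and both tokens are constructed for illustration. It shows lookup by email beside lookup by the (tid, oid) pair, with a token from an unrelated tenant whose user set the victim's address on their profile.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Added example for CVE-2023-3128; not Grafana's code. Assumes the token is already
// verified and that "oid" and "tid" are present. Accounts and tokens are constructed.

type azureClaims struct {
	OID   string `json:"oid"`
	TID   string `json:"tid"`
	Email string `json:"email"`
}

type account struct {
	Login string
	Email string
	OID   string
	TID   string
}

// Constructed data: one provisioned admin in the "corp" tenant.
var accounts = []account{{
	Login: "ops-admin",
	Email: "admin@corp.example",
	OID:   "11111111-1111-1111-1111-111111111111",
	TID:   "corp-tenant",
}}

// Constructed tokens: the real admin, and an attacker in a different tenant who set
// the same email on their own profile.
const victimToken = `{"oid":"11111111-1111-1111-1111-111111111111","tid":"corp-tenant","email":"admin@corp.example"}`
const attackerToken = `{"oid":"99999999-9999-9999-9999-999999999999","tid":"attacker-tenant","email":"admin@corp.example"}`

func parseClaims(raw string) (azureClaims, error) {
	var c azureClaims
	err := json.Unmarshal([]byte(raw), &c)
	return c, err
}

// lookupByEmail reproduces the weak linkage: any tenant's user who can set their
// profile email to the victim's address is matched to the victim's account.
func lookupByEmail(accounts []account, c azureClaims) (account, bool) {
	for _, a := range accounts {
		if a.Email == c.Email {
			return a, true
		}
	}
	return account{}, false
}

// lookupByObjectID links on the immutable (tenant, object) pair instead. Email may
// still be stored for display, but it never selects the account.
func lookupByObjectID(accounts []account, c azureClaims) (account, bool) {
	for _, a := range accounts {
		if a.TID == c.TID && a.OID == c.OID {
			return a, true
		}
	}
	return account{}, false
}

// linkAccount returns the login each strategy would sign the token holder in as
// (empty string means no match).
func linkAccount(raw string) (byEmail, byObjectID string, err error) {
	c, err := parseClaims(raw)
	if err != nil {
		return "", "", err
	}
	if a, ok := lookupByEmail(accounts, c); ok {
		byEmail = a.Login
	}
	if a, ok := lookupByObjectID(accounts, c); ok {
		byObjectID = a.Login
	}
	return byEmail, byObjectID, nil
}

func main() {
	e, o, _ := linkAccount(attackerToken)
	fmt.Printf("attacker token: by email=%q by object id=%q\n", e, o)
}
```

    For a multi-tenant app registration the tenant id check is not optional: the same app sees tokens from every directory that consented to it, and only the (tid, oid) pair is stable across them.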

  • CVE-2023-2183 · Jun 6, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API…

  • CVE-2023-2801 · Jun 6, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Using public dashboards users can query multiple distinct data sources using mixed queries. However such query has a possibility of crashing a Grafana instance. The only feature that uses mixed queries at…

  • CVE-2023-1387 · Apr 26, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration…

  • CVE-2023-1410 · Mar 23, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible because the value of the Function Description was not properly sanitized. An…

  • CVE-2023-22462 · Mar 2, 2023 · risk 0.00 · cvss n/a · epss 0.02

    Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user…

  • CVE-2022-23498 · Feb 3, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s…

  • CVE-2022-23552 · Jan 27, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files…

  • CVE-2022-39324 · Jan 27, 2023 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the…

  • CVE-2022-44643 · Dec 21, 2022 · risk 0.00 · cvss n/a · epss 0.00

    A vulnerability in the label-based access control of Grafana Labs Grafana Enterprise Metrics allows an attacker more access than intended. If an access policy which has label selector restrictions also has been granted access to all tenants in the system, the label selector…

  • CVE-2022-46156 · Nov 30, 2022 · risk 0.00 · cvss n/a · epss 0.00

    The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monitoring agent prior to version 0.12.0 in their local network are impacted. The…

  • CVE-2022-39306 · Nov 9, 2022 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the…

  • CVE-2022-39307 · Nov 9, 2022 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not…

  • CVE-2022-39328 · Nov 8, 2022 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load.…

  • CVE-2022-31130 · Oct 13, 2022 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open source observability and data visualization platform. Grafana versions prior to 9.1.8 and 8.5.14 could leak authentication tokens to some destination plugins under some conditions. The vulnerability impacts data source and plugin proxy…

  • CVE-2022-39201 · Oct 13, 2022 · risk 0.00 · cvss n/a · epss 0.01

    Grafana is an open source observability and data visualization platform. Starting with version 5.0.0-beta1 and prior to versions 8.5.14 and 9.1.8, Grafana could leak the authentication cookie of users to plugins. The vulnerability impacts data source and plugin proxy endpoints…

  • CVE-2022-31123 · Oct 13, 2022 · risk 0.00 · cvss n/a · epss 0.00

    Grafana is an open source observability and data visualization platform. Versions prior to 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though…