Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Grafana — Vulnerabilities & Security Advisories 85

Browse all 85 CVE security advisories affecting Grafana. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Grafana:grafanaGrafana Enterprisegrafana/grafanagrafana-image-rendererTempoGrafana OSSAlloyGrafana AlertingPyroscopeLokiGrafana Correlationsgrafana/grafana-enterprisegrafana-zabbix-plugingrafana-infinity-datasourceAgent FlowOnCallgrafana-json-datasourcegrafana-csv-datasourceworldmap-panelgoogle-sheets-datasourcesynthetic-monitoring-agentagent
CVE IDTitleCVSSSeverityPublished
CVE-2025-2703 Grafana 安全漏洞 — GrafanaCWE-79 6.8 Medium2025-04-23
CVE-2024-11741 Grafana 安全漏洞 — GrafanaCWE-200 4.3 Medium2025-01-31
CVE-2024-10452 Grafana 安全漏洞 — GrafanaCWE-639 2.2 Low2024-10-29
CVE-2024-9264 Grafana SQL Expressions allow for remote code execution — GrafanaCWE-94 9.9 Critical2024-10-18
CVE-2024-8118 Grafana alerting wrong permission on datasource rule write endpoint — GrafanaCWE-653 4.3AIMediumAI2024-09-26
CVE-2024-8996 Grafana Agent Flow on Windows Unquoted service path — Agent FlowCWE-428 7.3 High2024-09-25
CVE-2024-8975 Grafana Alloy on Windows Unquoted service path — AlloyCWE-428 7.3 High2024-09-25
CVE-2024-6322 Grafana 安全漏洞 — GrafanaCWE-266 4.4 Medium2024-08-20
CVE-2024-5526 Grafana OnCall 安全漏洞 — OnCallCWE-918 7.7 High2024-06-05
CVE-2024-1313 Users outside an organization can delete a snapshot with its key — GrafanaCWE-639 6.5 Medium2024-03-26
CVE-2024-1442 User with permissions to create a data source can CRUD all data sources — GrafanaCWE-269 6.0 Medium2024-03-07
CVE-2023-5122 SSRF in CSV Datasource Plugin — grafana-csv-datasourceCWE-918 5.0 Medium2024-02-14
CVE-2023-5123 Improper Path Sanitization in JSON Datasource Plugin — grafana-json-datasourceCWE-22 8.0 High2024-02-14
CVE-2023-6152 Grafana 安全漏洞 — GrafanaCWE-863 5.4 Medium2024-02-13
CVE-2023-3010 Grafana 跨站脚本漏洞 — worldmap-panelCWE-79 7.3 High2023-10-25
CVE-2023-4399 Grafana 安全漏洞 — Grafana EnterpriseCWE-183 6.6 Medium2023-10-17
CVE-2023-4457 Grafana 安全漏洞 — google-sheets-datasourceCWE-209 5.5 Medium2023-10-16
CVE-2023-4822 Grafana 安全漏洞 — Grafana EnterpriseCWE-269 6.7 Medium2023-10-16
CVE-2023-3128 Grafana 安全漏洞 — GrafanaCWE-290 9.4 Critical2023-06-22
CVE-2023-2183 Grafana 安全漏洞 — GrafanaCWE-284 4.1 Medium2023-06-06
CVE-2023-2801 Grafana 安全漏洞 — GrafanaCWE-820 7.5 High2023-06-06
CVE-2023-1387 Grafana 安全漏洞 — GrafanaCWE-200 4.2 Medium2023-04-26
CVE-2023-1410 Stored XSS in Graphite FunctionDescription tooltip — GrafanaCWE-79 6.2 Medium2023-03-23
CVE-2023-22462 Stored XSS in Grafana Text plugin — grafanaCWE-79 6.4 Medium2023-03-02
CVE-2023-0594 Grafana 跨站脚本漏洞 — GrafanaCWE-79 7.3 High2023-03-01
CVE-2023-0507 Grafana 跨站脚本漏洞 — GrafanaCWE-79 7.3 High2023-03-01
CVE-2022-23498 When query caching is enabled in Grafana users can query another users session — grafanaCWE-200 7.1 High2023-02-03
CVE-2022-23552 Grafana stored XSS in FileUploader component — grafanaCWE-79 7.3 High2023-01-27
CVE-2022-39324 Grafana vulnerable to spoofing originalUrl of snapshots — grafanaCWE-79 6.7 Medium2023-01-27
CVE-2022-46156 Grafana's default installation of `synthetic-monitoring-agent` exposes sensitive information — synthetic-monitoring-agentCWE-489 7.2 High2022-11-30

This page lists every published CVE security advisory associated with Grafana. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.