cbcvebase.
CVE-2025-1088
published 2025-06-18

CVE-2025-1088: In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation…

PriorityP48low2.7CVSS 3.1
AVNACLPRHUINSUCNINAL
EPSS
0.39%
31.2th percentile
In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

Affected

5 ranges
VendorProductVersion rangeFixed in
github.comgrafana_grafana>= 0 < 0.0.0-20250521211231-e0ba4b4809540.0.0-20250521211231-e0ba4b480954
github.comgrafana_grafana>= 0.0.1-test < 11.6.211.6.2
github.comgrafana_grafana>= 0.0.1-test
github.comhashicorp_vault>= 1.14.8 < 1.20.01.20.0
grafanagrafana< 11.6.211.6.2

CVSS provenance

nvdv3.12.7LOWCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
ghsa3.1LOW
osv2.7LOW
vendor_redhat3.1LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.