EUVD-2025-18570

| CVE-2025-1088 LOW
2025-06-18 [email protected] GHSA-crvv-6w6h-cv34
2.7
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

4
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 14, 2026 - 22:49 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 22:49 euvd
EUVD-2025-18570
CVE Published
Jun 18, 2025 - 10:15 nvd
LOW 2.7

Tags

Grafana Information Disclosure Google Ubuntu Debian Chrome

Description

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

Analysis

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

Technical Context

This vulnerability is classified as Improper Input Validation (CWE-20).

Affected Products

Affected: Grafana

Remediation

Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.

Priority Score

14
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +14
POC: 0

Vendor Status

Ubuntu

Priority: Medium
grafana
Release Status Version
xenial needs-triage -
jammy DNE -
noble DNE -
oracular DNE -
plucky DNE -
upstream needs-triage -
questing DNE -

Debian

grafana
Release Status Fixed Version Urgency
(unstable) fixed (unfixed) -

Share

EUVD-2025-18570 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy