CVE-2025-1088

LOW2.7EPSS 0.35%

Grafana long dashboard title or panel name causes unresponsives

Published: 6/18/2025Modified: 2/4/2026

Also known as:GHSA-crvv-6w6h-cv34BIT-grafana-2025-1088CGA-xmcm-669q-2jfgGO-2025-3766

Description

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

Affected packages (3)

Bitnami/grafanafrom 0, < 11.6.2
Go/github.com/grafana/grafana>= 0.0.1-test, < 11.6.2
Go/github.com/grafana/grafanafrom 0, < 0.0.0-20250521211231-e0ba4b480954, >= 0.0.1-test

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	LOW2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

References (5)

ADVISORYhttps://github.com/advisories/GHSA-crvv-6w6h-cv34
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-1088
PATCHhttps://github.com/grafana/grafana
WEBhttps://grafana.com/security/security-advisories/cve-2025-1088
WEBhttps://grafana.com/security/security-advisories/cve-2025-1088/