Input Validation Flaw in Grafana Causes Chromium Browser Unresponsiveness
CVE-2025-1088

2.7LOW

Key Information:

Vendor: Grafana
Status: Grafana
Vendor: CVE Published:; 18 June 2025

What is CVE-2025-1088?

In Grafana, an improperly validated long dashboard title or panel name can lead to performance issues in Chromium-based browsers. Specifically, versions prior to 11.6.2 are susceptible to this flaw, which may render the browser unresponsive under certain conditions. This vulnerability highlights the importance of strict input validation to maintain application performance and security.

Affected Version(s)

Grafana 0 < 11.6.2

References

https://grafana.com/security/security-advisories/cve-2025...

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2025
Vulnerability Reserved
Feb 6, 2025

Credit

Jinay Patel

Shrey Shah