VIR Vulnerability Intelligence Relay

CVE-2025-1088

unknown
Published 2025-06-18 · Modified 2026-02-04
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVSS v2
VIR risk

Description

Grafana long dashboard title or panel name causes unresponsives in github.com/grafana/grafana

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2025-1088.html

OS impact
OSVersionStatusFixed in
suse slesaffected

Package impact
EcosystemPackageVulnerableFixed
golang Gogithub.com/grafana/grafana>=0.0.1-test,<11.6.211.6.2
golang Gogithub.com/grafana/grafana<0.0.0-20250521211231-e0ba4b4809540.0.0-20250521211231-e0ba4b480954
golang Gogithub.com/grafana/grafana>=0.0.1-test,<0.0.0-20250521211231-e0ba4b4809540.0.0-20250521211231-e0ba4b480954

References

Verify integrity in audit chain (admin only). AS-IS.