Security Advisory

Grafana Product Security Update Advisory (CVE-2025-41115)

  • Nov 28 2025
Grafana Product Security Update Advisory (CVE-2025-41115)

Overview

 

We have released a security update to address a vulnerability in our Grafana product. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-41115

 

Grafana Enterprise Versions: 12.0.0 and earlier and 12.2.1 and earlier

 

 

Resolved Vulnerabilities

 

Improper authorization assignment vulnerability in Grafana Enterprise (CVE-2025-41115)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-41115

 

Grafana Enterprise version: 12.0.6+security-01
Grafana Enterprise version: 12.1.3+security-01
Grafana Enterprise version: 12.2.1+security-01
Grafana Enterprise version: 12.3.0

 

 

References

 

[1] Grafana Enterprise security update: critical severity security fix for CVE-2025-41115
https://grafana.com/blog/2025/11/19/grafana-enterprise-security-update-critical-severity-security-f..

Tags:
Previous Post

Next Post