A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of ...

Ox Security warned on Sunday that CVE-2025-4123 impacts 36% of public-facing Grafana instances – or over 46,000 worldwide – as well as countless Grafana servers not connected to the internet. Open ...

Grafana Cloud instances have not been impacted, the developer said today. According to public reports, there are thousands of Grafana servers exposed on the public internet.

Grafana is one of the most popular open-source tools for visualizing data generated by numerous sources (such as Google Sheets, Amazon Timestream, Elasticsearch and nearly any database). With ...