Over 46,000 Grafana instances exposed to account takeover bug

June 15, 2025

Over 46,000 Grafana instances exposed to account takeover bug

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover.
The flaw is …

Published Date:
Jun 15, 2025 (12 hours, 12 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-4123

Source: Read More

Previous ArticleDems demand audit of CVE program as Federal funding remains uncertain

Next Article Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

DistroWatch Weekly, Issue 1126

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

Grounded 2’s best feature is happening because Obsidian left the Xbox One behind

6 registry tweaks every tech-savvy user must apply on Windows 11

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

DistroWatch Weekly, Issue 1126

Find ASCII Emoji Easily with this GNOME Shell Applet

Over 46,000 Grafana instances exposed to account takeover bug

Over 46,000 Grafana instances exposed to account takeover bug

Critical Blink Router Flaws (CVSS 9.8) Allow Remote Root Code Execution via Unauthenticated Attacks

KIA Ecuador Keyless Entry Systems Vulnerability Exposes Thousands of Vehicles to Theft

Resident Evil 9 leak says it was an open-world multiplayer game at first, so I’m glad it allegedly got “a pretty heavy reboot”

CVE-2025-2768 – Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation

I finally found a power bank with a wireless charging pad, and it’s sustainably-made

CVE-2025-37792 – Linux Bluetooth btrtl NULL Pointer Dereference Vulnerability

CVE-2025-43866 – vantage6 is an open-source infrastructure for priv

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference

Trump’s First Big “Made in USA” Win AI Servers, Not iPhones

CVE-2025-48827 – vBulletin Unauthenticated API Controller Method Invocation Vulnerability

Over 46,000 Grafana instances exposed to account takeover bug

Over 46,000 Grafana instances exposed to account takeover bug

Related Posts