216.73.216.170

CVE-2025-10630

· Published 19/09/2025 10:15 · Modified 19/09/2025 16:00

Labels: CVE-2025-10630 2025-09-19CVE-2025-10630CWE-20[email protected]

Essential information

Published
19/09/2025 10:15
Modified
19/09/2025 16:00
Author
Creator
CVSS
4.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CVSS metrics

Description

Grafana is an open-source platform for monitoring and observability. Grafana-Zabbix is a plugin for Grafana allowing to visualize monitoring data from Zabbix and create dashboards for analyzing metrics and realtime monitoring.  Versions 5.2.1 and below contained a ReDoS vulnerability via user-supplied regex query which could causes CPU usage to max out. This vulnerability is fixed in version 6.0.0.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
grafana / grafana cpe:2.3:a:grafana:grafana:<5.2.1:*:*:*:*:*:*
grafana / grafana-zabbix cpe:2.3:a:grafana:grafana-zabbix:*:*:*:*:*:*:*:*

References