Grafana Ghost: Over 46,000 Instances Still Haunting the Web with Unpatched Vulnerability!

More than 46,000 Grafana instances are playing host to the “Grafana Ghost,” a client-side open redirect vulnerability known as CVE-2025-4123. Despite security updates, these instances remain unpatched online, offering attackers a prime opportunity for malicious plugin execution and account takeovers. It’s a haunting oversight in cybersecurity.


Hot Take:

Looks like Grafana’s got a ghost problem, and it’s not the friendly kind! With over 46,000 instances still vulnerable to exploitation, it’s like leaving the back door open during a ghost tour. Time to call in the cyber-exorcists, aka the patch updates!

Key Points:

  • Over 46,000 Grafana instances are still vulnerable to CVE-2025-4123, a client-side open redirect flaw.
  • The vulnerability allows an attacker to execute malicious plugins and take over accounts without elevated privileges.
  • Exploitation can lead to session hijacking, credential changes, and server-side request forgery.
  • Security updates were released by Grafana Labs on May 21, yet many remain unpatched.
  • Administrators are urged to update to the specific security versions to mitigate the risk.

The Nimble Nerd