CVE-2025-41117 | Grafana/Grafana Enterprise up to 12.2.4/12.3.2 Jaeger HTTP API injection

Inserito da Angelo Barbosa | Feb 12, 2026 | CVE

A vulnerability has been found in Grafana and Grafana Enterprise up to 12.2.4/12.3.2 and classified as problematic. This impacts an unknown function of the component Jaeger HTTP API. The manipulation leads to injection.

This vulnerability is documented as CVE-2025-41117. The attack can be initiated remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2025-41117 | Grafana/Grafana Enterprise up to 12.2.4/12.3.2 Jaeger HTTP API injection

Post correlati

CVE-2025-34320 | BASIS International BBj up to 24.x BBj Service path traversal

CVE-2024-54500 | Apple watchOS Image memory corruption

CVE-2025-1381 | code-projects Real Estate Property Management System 1.0 /ajax_city.php CityName sql injection

CVE-2023-7210 | OneNav up to 0.9.33 API /index.php X-Token improper authentication