CVE-2025-1088: Grafana long dashboard title or panel name causes unresponsives

June 18, 2025

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

References

github.com/advisories/GHSA-crvv-6w6h-cv34
github.com/grafana/grafana
grafana.com/security/security-advisories/cve-2025-1088
nvd.nist.gov/vuln/detail/CVE-2025-1088

Code Behaviors & Features

Detect and mitigate CVE-2025-1088 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →