CVE-2025-6197 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-6197 PUBLISHED

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL

EPSS 0.81% · 74.1th percentile

Risk Scores

EPSS Score

0.81%

74.1th percentile

Affected Products

Vendor	Product	Versions
Bitnami	grafana	11.3.0, 12.0.0
Bitnami	grafana	11.3.0, 12.0.0

Timeline

Jul 17, 2025 CVE Published
Jul 18, 2025 EPSS Score
Jul 18, 2025 Coalition ESS Score
Jul 18, 2025 PoC Published
Jul 18, 2025 PoC Published
Jul 19, 2025 PoC Published
Jul 22, 2025 Coalition ESS Score
Jul 22, 2025 PoC Published
Jul 22, 2025 PoC Published
Jul 25, 2025 PoC Published
Jul 27, 2025 EPSS Score
Jul 30, 2025 PoC Published

References

Open in Interactive Console →