[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-3454":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":641,"aliases":642,"duplicate_of":9,"upstream":646,"downstream":647,"duplicates":662,"related":663,"reserved_at":9,"published_at":670,"modified_at":671,"state":672,"summary":673,"references_raw":682,"kevs":716,"epss":717,"epss_history":720,"metrics":982,"affected":992},"CVE-2025-3454","This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path.\n\nUsers with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources.\n\nThe issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-285","Improper Authorization","The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.","weakness","Draft","Class","High",[20,68,72,131,276,318,322,326,330,334,338,342,509,599,629,633,637],{"id":21,"name":22,"techniques":23},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[24],{"id":25,"name":26,"tactics":27,"countermeasures":43},"T1574.010","Services File Permissions Weakness",[28,31,34,37,40],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",{"id":35,"name":36},"TA0030","Defense Evasion",{"id":38,"name":39},"TA0005","Stealth",{"id":41,"name":42},"TA0104","Execution",[44,49,53,58,63],{"id":45,"name":46,"tactic":47},"D3-SWI","Software Inventory",{"name":48},"Model",{"id":50,"name":51,"tactic":52},"D3-AVE","Asset Vulnerability Enumeration",{"name":48},{"id":54,"name":55,"tactic":56},"D3-SBV","Service Binary Verification",{"name":57},"Detect",{"id":59,"name":60,"tactic":61},"D3-SU","Software Update",{"name":62},"Harden",{"id":64,"name":65,"tactic":66},"D3-RS","Restore Software",{"name":67},"Restore",{"id":69,"name":70,"techniques":71},"CAPEC-104","Cross Zone Scripting",[],{"id":73,"name":74,"techniques":75},"CAPEC-127","Directory Indexing",[76],{"id":77,"name":78,"tactics":79,"countermeasures":83},"T1083","File and Directory Discovery",[80],{"id":81,"name":82},"TA0102","Discovery",[84,88,92,97,102,106,110,115,119,123,127],{"id":85,"name":86,"tactic":87},"D3-FA","File Analysis",{"name":57},{"id":89,"name":90,"tactic":91},"D3-FIM","File Integrity Monitoring",{"name":57},{"id":93,"name":94,"tactic":95},"D3-FEV","File Eviction",{"name":96},"Evict",{"id":98,"name":99,"tactic":100},"D3-DF","Decoy File",{"name":101},"Deceive",{"id":103,"name":104,"tactic":105},"D3-FE","File Encryption",{"name":62},{"id":107,"name":108,"tactic":109},"D3-RF","Restore File",{"name":67},{"id":111,"name":112,"tactic":113},"D3-LFP","Local File Permissions",{"name":114},"Isolate",{"id":116,"name":117,"tactic":118},"D3-CF","Content Filtering",{"name":114},{"id":120,"name":121,"tactic":122},"D3-RFAM","Remote File Access Mediation",{"name":114},{"id":124,"name":125,"tactic":126},"D3-CQ","Content Quarantine",{"name":114},{"id":128,"name":129,"tactic":130},"D3-CM","Content Modification",{"name":114},{"id":132,"name":133,"techniques":134},"CAPEC-13","Subverting Environment Variable Values",[135,200,236],{"id":136,"name":137,"tactics":138,"countermeasures":141},"T1562.003","Impair Command History Logging",[139,140],{"id":35,"name":36},{"id":38,"name":39},[142,146,148,150,154,158,160,164,166,170,174,176,180,182,184,186,188,190,192,196],{"id":143,"name":144,"tactic":145},"D3-CI","Configuration Inventory",{"name":48},{"id":85,"name":86,"tactic":147},{"name":57},{"id":89,"name":90,"tactic":149},{"name":57},{"id":151,"name":152,"tactic":153},"D3-DA","Dynamic Analysis",{"name":57},{"id":155,"name":156,"tactic":157},"D3-EFA","Emulated File Analysis",{"name":57},{"id":93,"name":94,"tactic":159},{"name":96},{"id":161,"name":162,"tactic":163},"D3-RKD","Registry Key Deletion",{"name":96},{"id":98,"name":99,"tactic":165},{"name":101},{"id":167,"name":168,"tactic":169},"D3-DRA","Disable Remote Access",{"name":62},{"id":171,"name":172,"tactic":173},"D3-ACH","Application Configuration Hardening",{"name":62},{"id":103,"name":104,"tactic":175},{"name":62},{"id":177,"name":178,"tactic":179},"D3-RC","Restore Configuration",{"name":67},{"id":107,"name":108,"tactic":181},{"name":67},{"id":124,"name":125,"tactic":183},{"name":114},{"id":116,"name":117,"tactic":185},{"name":114},{"id":111,"name":112,"tactic":187},{"name":114},{"id":120,"name":121,"tactic":189},{"name":114},{"id":128,"name":129,"tactic":191},{"name":114},{"id":193,"name":194,"tactic":195},"D3-EAL","Executable Allowlisting",{"name":114},{"id":197,"name":198,"tactic":199},"D3-EDL","Executable Denylisting",{"name":114},{"id":201,"name":202,"tactics":203,"countermeasures":209},"T1574.006","Dynamic Linker Hijacking",[204,205,206,207,208],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[210,214,216,218,220,222,224,226,228,230,232,234],{"id":211,"name":212,"tactic":213},"D3-SFA","System File Analysis",{"name":57},{"id":85,"name":86,"tactic":215},{"name":57},{"id":89,"name":90,"tactic":217},{"name":57},{"id":93,"name":94,"tactic":219},{"name":96},{"id":98,"name":99,"tactic":221},{"name":101},{"id":103,"name":104,"tactic":223},{"name":62},{"id":107,"name":108,"tactic":225},{"name":67},{"id":116,"name":117,"tactic":227},{"name":114},{"id":111,"name":112,"tactic":229},{"name":114},{"id":120,"name":121,"tactic":231},{"name":114},{"id":124,"name":125,"tactic":233},{"name":114},{"id":128,"name":129,"tactic":235},{"name":114},{"id":237,"name":238,"tactics":239,"countermeasures":245},"T1574.007","Path Interception by PATH Environment Variable",[240,241,242,243,244],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[246,248,250,252,254,256,258,260,262,264,266,268,270,272,274],{"id":85,"name":86,"tactic":247},{"name":57},{"id":89,"name":90,"tactic":249},{"name":57},{"id":151,"name":152,"tactic":251},{"name":57},{"id":155,"name":156,"tactic":253},{"name":57},{"id":93,"name":94,"tactic":255},{"name":96},{"id":98,"name":99,"tactic":257},{"name":101},{"id":103,"name":104,"tactic":259},{"name":62},{"id":107,"name":108,"tactic":261},{"name":67},{"id":116,"name":117,"tactic":263},{"name":114},{"id":111,"name":112,"tactic":265},{"name":114},{"id":120,"name":121,"tactic":267},{"name":114},{"id":124,"name":125,"tactic":269},{"name":114},{"id":128,"name":129,"tactic":271},{"name":114},{"id":193,"name":194,"tactic":273},{"name":114},{"id":197,"name":198,"tactic":275},{"name":114},{"id":277,"name":278,"techniques":279},"CAPEC-17","Using Malicious Files",[280,300],{"id":281,"name":282,"tactics":283,"countermeasures":289},"T1574.005","Executable Installer File Permissions Weakness",[284,285,286,287,288],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[290,292,294,296,298],{"id":45,"name":46,"tactic":291},{"name":48},{"id":50,"name":51,"tactic":293},{"name":48},{"id":54,"name":55,"tactic":295},{"name":57},{"id":59,"name":60,"tactic":297},{"name":62},{"id":64,"name":65,"tactic":299},{"name":67},{"id":25,"name":26,"tactics":301,"countermeasures":307},[302,303,304,305,306],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[308,310,312,314,316],{"id":45,"name":46,"tactic":309},{"name":48},{"id":50,"name":51,"tactic":311},{"name":48},{"id":54,"name":55,"tactic":313},{"name":57},{"id":59,"name":60,"tactic":315},{"name":62},{"id":64,"name":65,"tactic":317},{"name":67},{"id":319,"name":320,"techniques":321},"CAPEC-39","Manipulating Opaque Client-based Data Tokens",[],{"id":323,"name":324,"techniques":325},"CAPEC-402","Bypassing ATA Password Security",[],{"id":327,"name":328,"techniques":329},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":331,"name":332,"techniques":333},"CAPEC-5","Blue Boxing",[],{"id":335,"name":336,"techniques":337},"CAPEC-51","Poison Web Service Registry",[],{"id":339,"name":340,"techniques":341},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":343,"name":344,"techniques":345},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[346,398],{"id":347,"name":348,"tactics":349,"countermeasures":353},"T1134.001","Token Impersonation/Theft",[350,351,352],{"id":35,"name":36},{"id":38,"name":39},{"id":32,"name":33},[354,358,362,366,370,374,378,382,386,390,394],{"id":355,"name":356,"tactic":357},"D3-CCSA","Credential Compromise Scope Analysis",{"name":57},{"id":359,"name":360,"tactic":361},"D3-CR","Credential Revocation",{"name":96},{"id":363,"name":364,"tactic":365},"D3-ANCI","Authentication Cache Invalidation",{"name":96},{"id":367,"name":368,"tactic":369},"D3-DUC","Decoy User Credential",{"name":101},{"id":371,"name":372,"tactic":373},"D3-CH","Credential Hardening",{"name":62},{"id":375,"name":376,"tactic":377},"D3-MFA","Multi-factor Authentication",{"name":62},{"id":379,"name":380,"tactic":381},"D3-CRO","Credential Rotation",{"name":62},{"id":383,"name":384,"tactic":385},"D3-TB","Token Binding",{"name":62},{"id":387,"name":388,"tactic":389},"D3-TBA","Token-based Authentication",{"name":62},{"id":391,"name":392,"tactic":393},"D3-RIC","Reissue Credential",{"name":67},{"id":395,"name":396,"tactic":397},"D3-CTS","Credential Transmission Scoping",{"name":114},{"id":399,"name":400,"tactics":401,"countermeasures":406},"T1550.004","Web Session Cookie",[402,403],{"id":35,"name":36},{"id":404,"name":405},"TA0109","Lateral Movement",[407,411,415,419,423,427,431,435,439,443,447,451,453,457,461,465,469,471,473,475,477,479,481,483,487,491,495,499,503,507],{"id":408,"name":409,"tactic":410},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":57},{"id":412,"name":413,"tactic":414},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":57},{"id":416,"name":417,"tactic":418},"D3-CSPP","Client-server Payload Profiling",{"name":57},{"id":420,"name":421,"tactic":422},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":57},{"id":424,"name":425,"tactic":426},"D3-NTSA","Network Traffic Signature Analysis",{"name":57},{"id":428,"name":429,"tactic":430},"D3-APCA","Application Protocol Command Analysis",{"name":57},{"id":432,"name":433,"tactic":434},"D3-NTCD","Network Traffic Community Deviation",{"name":57},{"id":436,"name":437,"tactic":438},"D3-RTSD","Remote Terminal Session Detection",{"name":57},{"id":440,"name":441,"tactic":442},"D3-PLA","Process Lineage Analysis",{"name":57},{"id":444,"name":445,"tactic":446},"D3-PSMD","Process Self-Modification Detection",{"name":57},{"id":448,"name":449,"tactic":450},"D3-PSA","Process Spawn Analysis",{"name":57},{"id":355,"name":356,"tactic":452},{"name":57},{"id":454,"name":455,"tactic":456},"D3-PT","Process Termination",{"name":96},{"id":458,"name":459,"tactic":460},"D3-PS","Process Suspension",{"name":96},{"id":462,"name":463,"tactic":464},"D3-HR","Host Reboot",{"name":96},{"id":466,"name":467,"tactic":468},"D3-HS","Host Shutdown",{"name":96},{"id":359,"name":360,"tactic":470},{"name":96},{"id":363,"name":364,"tactic":472},{"name":96},{"id":367,"name":368,"tactic":474},{"name":101},{"id":371,"name":372,"tactic":476},{"name":62},{"id":375,"name":376,"tactic":478},{"name":62},{"id":379,"name":380,"tactic":480},{"name":62},{"id":391,"name":392,"tactic":482},{"name":67},{"id":484,"name":485,"tactic":486},"D3-NTF","Network Traffic Filtering",{"name":114},{"id":488,"name":489,"tactic":490},"D3-KBPI","Kernel-based Process Isolation",{"name":114},{"id":492,"name":493,"tactic":494},"D3-SCF","System Call Filtering",{"name":114},{"id":496,"name":497,"tactic":498},"D3-HBPI","Hardware-based Process Isolation",{"name":114},{"id":500,"name":501,"tactic":502},"D3-ABPI","Application-based Process Isolation",{"name":114},{"id":504,"name":505,"tactic":506},"D3-WSAM","Web Session Access Mediation",{"name":114},{"id":395,"name":396,"tactic":508},{"name":114},{"id":510,"name":511,"techniques":512},"CAPEC-647","Collect Data from Registries",[513,543,567],{"id":514,"name":515,"tactics":516,"countermeasures":520},"T1005","Data from Local System",[517],{"id":518,"name":519},"TA0100","Collection",[521,523,525,527,529,531,533,535,537,539,541],{"id":85,"name":86,"tactic":522},{"name":57},{"id":89,"name":90,"tactic":524},{"name":57},{"id":93,"name":94,"tactic":526},{"name":96},{"id":98,"name":99,"tactic":528},{"name":101},{"id":103,"name":104,"tactic":530},{"name":62},{"id":107,"name":108,"tactic":532},{"name":67},{"id":116,"name":117,"tactic":534},{"name":114},{"id":111,"name":112,"tactic":536},{"name":114},{"id":120,"name":121,"tactic":538},{"name":114},{"id":124,"name":125,"tactic":540},{"name":114},{"id":128,"name":129,"tactic":542},{"name":114},{"id":544,"name":545,"tactics":546,"countermeasures":548},"T1012","Query Registry",[547],{"id":81,"name":82},[549,553,557,561,565],{"id":550,"name":551,"tactic":552},"D3-DI","Data Inventory",{"name":48},{"id":554,"name":555,"tactic":556},"D3-SCA","System Call Analysis",{"name":57},{"id":558,"name":559,"tactic":560},"D3-SCP","System Configuration Permissions",{"name":62},{"id":562,"name":563,"tactic":564},"D3-RD","Restore Database",{"name":67},{"id":492,"name":493,"tactic":566},{"name":114},{"id":568,"name":569,"tactics":570,"countermeasures":574},"T1552.002","Credentials in Registry",[571],{"id":572,"name":573},"TA0031","Credential Access",[575,577,579,581,583,585,587,589,591,593,595,597],{"id":550,"name":551,"tactic":576},{"name":48},{"id":355,"name":356,"tactic":578},{"name":57},{"id":359,"name":360,"tactic":580},{"name":96},{"id":363,"name":364,"tactic":582},{"name":96},{"id":367,"name":368,"tactic":584},{"name":101},{"id":371,"name":372,"tactic":586},{"name":62},{"id":375,"name":376,"tactic":588},{"name":62},{"id":379,"name":380,"tactic":590},{"name":62},{"id":558,"name":559,"tactic":592},{"name":62},{"id":562,"name":563,"tactic":594},{"name":67},{"id":391,"name":392,"tactic":596},{"name":67},{"id":395,"name":396,"tactic":598},{"name":114},{"id":600,"name":601,"techniques":602},"CAPEC-668","Key Negotiation of Bluetooth Attack (KNOB)",[603],{"id":604,"name":605,"tactics":606,"countermeasures":610},"T1565.002","Transmitted Data Manipulation",[607],{"id":608,"name":609},"TA0105","Impact",[611,613,615,617,619,621,623,625,627],{"id":408,"name":409,"tactic":612},{"name":57},{"id":412,"name":413,"tactic":614},{"name":57},{"id":416,"name":417,"tactic":616},{"name":57},{"id":420,"name":421,"tactic":618},{"name":57},{"id":424,"name":425,"tactic":620},{"name":57},{"id":428,"name":429,"tactic":622},{"name":57},{"id":432,"name":433,"tactic":624},{"name":57},{"id":436,"name":437,"tactic":626},{"name":57},{"id":484,"name":485,"tactic":628},{"name":114},{"id":630,"name":631,"techniques":632},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":634,"name":635,"techniques":636},"CAPEC-77","Manipulating User-Controlled Variables",[],{"id":638,"name":639,"techniques":640},"CAPEC-87","Forceful Browsing",[],[],[643,644,645],"GHSA-9j65-rv5x-4vrf","BIT-grafana-2025-3454","GO-2025-3742",[],[648,650,652,654,656,658,660],{"_key":649},"UBUNTU-CVE-2025-3454",{"_key":651},"SUSE-SU-2025:01985-1",{"_key":653},"SUSE-SU-2025:01987-1",{"_key":655},"SUSE-SU-2025:01989-1",{"_key":657},"SUSE-SU-2025:01991-1",{"_key":659},"OPENSUSE-SU-2025:15052-1",{"_key":661},"OPENSUSE-SU-2025:15225-1",[],[664,665,666,667,668,669],{"_key":651},{"_key":653},{"_key":655},{"_key":657},{"_key":659},{"_key":661},"2025-06-02T10:34:09.254Z","2025-06-02T12:04:24.348Z","Deferred",{"cisa_kev":674,"cisa_ransomware":674,"cisa_vendor":9,"epss_severity":675,"epss_score":676,"severity":677,"severity_score":678,"severity_version":679,"severity_source":680,"severity_vector":681,"severity_status":672},false,"low",0.00032,"medium",5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",[683,688,694,699,704,708,712],{"url":684,"sources":685,"tags":687},"https://grafana.com/security/security-advisories/cve-2025-3454/",[680,686],"nvd",[],{"url":689,"sources":690,"tags":692},"https://nvd.nist.gov/vuln/detail/CVE-2025-3454",[691],"osv_go",[693],"Advisory",{"url":695,"sources":696,"tags":697},"https://github.com/grafana/grafana",[691],[698],"PACKAGE",{"url":700,"sources":701,"tags":702},"https://github.com/grafana/grafana/blob/be8d153dc33734caba4f617ff571d18253e68fa0/CHANGELOG.md#10417security-01-2025-04-22",[691],[703],"WEB",{"url":705,"sources":706,"tags":707},"https://grafana.com/blog/2025/04/22/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-3260-cve-2025-2703-cve-2025-3454",[691],[703],{"url":709,"sources":710,"tags":711},"https://grafana.com/security/security-advisories/cve-2025-3454",[691],[703],{"url":713,"sources":714,"tags":715},"https://github.com/advisories/GHSA-9j65-rv5x-4vrf",[691],[693],[],{"date":718,"score":676,"percentile":719},"2026-06-04",0.09745,[721,725,728,731,734,737,739,743,746,749,752,755,758,761,764,768,771,774,777,780,782,784,787,790,793,796,799,801,804,807,810,813,816,819,822,825,828,831,834,837,839,842,845,848,851,854,857,860,863,866,868,870,873,876,880,883,886,889,892,895,898,901,904,906,909,912,915,918,921,923,926,929,932,935,938,940,943,946,949,952,954,957,959,961,964,967,970,973,976,979],{"date":722,"score":723,"percentile":724},"2025-11-04",0.00009,0.00578,{"date":726,"score":723,"percentile":727},"2025-11-05",0.00579,{"date":729,"score":723,"percentile":730},"2025-11-06",0.0058,{"date":732,"score":723,"percentile":733},"2025-11-07",0.00582,{"date":735,"score":723,"percentile":736},"2025-11-08",0.00581,{"date":738,"score":723,"percentile":730},"2025-11-09",{"date":740,"score":741,"percentile":742},"2025-11-10",0.0001,0.00825,{"date":744,"score":741,"percentile":745},"2025-11-11",0.00829,{"date":747,"score":741,"percentile":748},"2025-11-12",0.00827,{"date":750,"score":741,"percentile":751},"2025-11-13",0.00828,{"date":753,"score":741,"percentile":754},"2025-11-14",0.0083,{"date":756,"score":741,"percentile":757},"2025-11-15",0.00832,{"date":759,"score":741,"percentile":760},"2025-11-16",0.00831,{"date":762,"score":741,"percentile":763},"2025-11-17",0.00822,{"date":765,"score":766,"percentile":767},"2025-11-18",0.00043,0.08215,{"date":769,"score":766,"percentile":770},"2025-11-19",0.08228,{"date":772,"score":766,"percentile":773},"2025-11-20",0.0826,{"date":775,"score":741,"percentile":776},"2025-11-21",0.00838,{"date":778,"score":741,"percentile":779},"2025-11-22",0.00836,{"date":781,"score":741,"percentile":745},"2025-11-23",{"date":783,"score":741,"percentile":748},"2025-11-24",{"date":785,"score":741,"percentile":786},"2025-11-25",0.00824,{"date":788,"score":741,"percentile":789},"2025-11-26",0.00814,{"date":791,"score":741,"percentile":792},"2025-11-27",0.00812,{"date":794,"score":741,"percentile":795},"2025-11-28",0.00817,{"date":797,"score":741,"percentile":798},"2025-11-29",0.00835,{"date":800,"score":741,"percentile":779},"2025-11-30",{"date":802,"score":741,"percentile":803},"2025-12-01",0.00856,{"date":805,"score":741,"percentile":806},"2025-12-02",0.00852,{"date":808,"score":741,"percentile":809},"2025-12-03",0.00855,{"date":811,"score":741,"percentile":812},"2025-12-04",0.0084,{"date":814,"score":741,"percentile":815},"2025-12-05",0.00845,{"date":817,"score":741,"percentile":818},"2025-12-06",0.00842,{"date":820,"score":741,"percentile":821},"2025-12-07",0.00844,{"date":823,"score":741,"percentile":824},"2025-12-08",0.00848,{"date":826,"score":741,"percentile":827},"2025-12-09",0.00862,{"date":829,"score":741,"percentile":830},"2025-12-10",0.00873,{"date":832,"score":741,"percentile":833},"2025-12-11",0.00871,{"date":835,"score":741,"percentile":836},"2025-12-12",0.00877,{"date":838,"score":741,"percentile":830},"2025-12-13",{"date":840,"score":741,"percentile":841},"2025-12-14",0.00872,{"date":843,"score":741,"percentile":844},"2025-12-15",0.00868,{"date":846,"score":741,"percentile":847},"2025-12-16",0.00874,{"date":849,"score":741,"percentile":850},"2025-12-17",0.00879,{"date":852,"score":741,"percentile":853},"2025-12-18",0.00875,{"date":855,"score":741,"percentile":856},"2025-12-19",0.00881,{"date":858,"score":741,"percentile":859},"2025-12-20",0.00878,{"date":861,"score":741,"percentile":862},"2025-12-21",0.0088,{"date":864,"score":741,"percentile":865},"2025-12-22",0.00883,{"date":867,"score":741,"percentile":856},"2025-12-23",{"date":869,"score":741,"percentile":865},"2025-12-24",{"date":871,"score":741,"percentile":872},"2025-12-25",0.00886,{"date":874,"score":741,"percentile":875},"2025-12-26",0.00889,{"date":877,"score":878,"percentile":879},"2025-12-27",0.00011,0.01045,{"date":881,"score":878,"percentile":882},"2025-12-28",0.01037,{"date":884,"score":878,"percentile":885},"2025-12-29",0.01031,{"date":887,"score":878,"percentile":888},"2025-12-30",0.0103,{"date":890,"score":878,"percentile":891},"2025-12-31",0.01027,{"date":893,"score":878,"percentile":894},"2026-01-01",0.01047,{"date":896,"score":878,"percentile":897},"2026-01-02",0.01044,{"date":899,"score":878,"percentile":900},"2026-01-03",0.01049,{"date":902,"score":878,"percentile":903},"2026-01-04",0.01023,{"date":905,"score":878,"percentile":891},"2026-01-05",{"date":907,"score":878,"percentile":908},"2026-01-06",0.00939,{"date":910,"score":878,"percentile":911},"2026-01-07",0.0094,{"date":913,"score":878,"percentile":914},"2026-01-08",0.00948,{"date":916,"score":878,"percentile":917},"2026-01-09",0.0096,{"date":919,"score":878,"percentile":920},"2026-01-10",0.00963,{"date":922,"score":878,"percentile":920},"2026-01-11",{"date":924,"score":878,"percentile":925},"2026-01-12",0.00962,{"date":927,"score":878,"percentile":928},"2026-01-13",0.00965,{"date":930,"score":878,"percentile":931},"2026-01-14",0.00964,{"date":933,"score":878,"percentile":934},"2026-01-15",0.00968,{"date":936,"score":878,"percentile":937},"2026-01-16",0.00976,{"date":939,"score":878,"percentile":937},"2026-01-17",{"date":941,"score":878,"percentile":942},"2026-01-18",0.00983,{"date":944,"score":878,"percentile":945},"2026-01-19",0.00984,{"date":947,"score":878,"percentile":948},"2026-01-20",0.00978,{"date":950,"score":878,"percentile":951},"2026-01-21",0.00972,{"date":953,"score":878,"percentile":937},"2026-01-22",{"date":955,"score":878,"percentile":956},"2026-01-23",0.00985,{"date":958,"score":878,"percentile":956},"2026-01-24",{"date":960,"score":878,"percentile":956},"2026-01-25",{"date":962,"score":878,"percentile":963},"2026-01-26",0.00987,{"date":965,"score":878,"percentile":966},"2026-01-27",0.00981,{"date":968,"score":878,"percentile":969},"2026-01-28",0.00979,{"date":971,"score":878,"percentile":972},"2026-01-29",0.00982,{"date":974,"score":878,"percentile":975},"2026-01-30",0.00986,{"date":977,"score":878,"percentile":978},"2026-01-31",0.00995,{"date":980,"score":878,"percentile":981},"2026-02-01",0.01009,[983,988,990],{"source":680,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":984,"cvss_v4_0":9},{"baseScore":678,"baseSeverity":985,"vectorString":681,"impactScore":986,"exploitabilityScore":987},"MEDIUM",2.3,7.9,{"source":686,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":989,"cvss_v4_0":9},{"baseScore":678,"baseSeverity":985,"vectorString":681,"impactScore":986,"exploitabilityScore":987},{"source":691,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":991,"cvss_v4_0":9},{"baseScore":678,"baseSeverity":9,"vectorString":681,"impactScore":986,"exploitabilityScore":987},[993,1010,1037],{"ecosystem":994,"name":995,"vendor":996,"product":997,"cpe_part":9,"purl_type":998,"purl_namespace":996,"purl_name":997,"source":9,"versions":999},"Go","github.com/grafana/grafana","github.com/grafana","grafana","golang",[1000,1008],{"version":1001,"is_range":1002,"range_type":1003,"version_start":1004,"version_start_type":1005,"version_end":1006,"version_end_type":1007,"fixed_in":9},"gte0_0_0_20210414170620_dadccdda06e6_lt0_0_0_20250424191517_1f707d16ed5d",true,"semver","0.0.0-20210414170620-dadccdda06e6","including","0.0.0-20250424191517-1f707d16ed5d","excluding",{"version":1009,"is_range":1002,"range_type":1003,"version_start":1004,"version_start_type":1005,"version_end":9,"version_end_type":9,"fixed_in":9},"gte0_0_0_20210414170620_dadccdda06e6",{"ecosystem":9,"name":997,"vendor":997,"product":997,"cpe_part":1011,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1012},"a",[1013,1017,1021,1025,1029,1033],{"version":1014,"is_range":1002,"range_type":680,"version_start":1015,"version_start_type":1005,"version_end":1016,"version_end_type":1007,"fixed_in":9},">= 11.6.0, \u003C 11.6.0+security-01","11.6.0","11.6.0+security-01",{"version":1018,"is_range":1002,"range_type":680,"version_start":1019,"version_start_type":1005,"version_end":1020,"version_end_type":1007,"fixed_in":9},">= 11.5.0, \u003C 11.5.3+security-01","11.5.0","11.5.3+security-01",{"version":1022,"is_range":1002,"range_type":680,"version_start":1023,"version_start_type":1005,"version_end":1024,"version_end_type":1007,"fixed_in":9},">= 11.4.0, \u003C 11.4.3+security-01","11.4.0","11.4.3+security-01",{"version":1026,"is_range":1002,"range_type":680,"version_start":1027,"version_start_type":1005,"version_end":1028,"version_end_type":1007,"fixed_in":9},">= 11.3.0, \u003C 11.3.5+security-01","11.3.0","11.3.5+security-01",{"version":1030,"is_range":1002,"range_type":680,"version_start":1031,"version_start_type":1005,"version_end":1032,"version_end_type":1007,"fixed_in":9},">= 11.2.0, \u003C 11.2.8+security-01","11.2.0","11.2.8+security-01",{"version":1034,"is_range":1002,"range_type":680,"version_start":1035,"version_start_type":1005,"version_end":1036,"version_end_type":1007,"fixed_in":9},">= 10.4.0, \u003C 10.4.17+security-01","10.4.0","10.4.17+security-01",{"ecosystem":9,"name":1038,"vendor":997,"product":1039,"cpe_part":1011,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1040},"Grafana Enterprise","grafana enterprise",[1041,1042,1043,1044,1045,1046],{"version":1014,"is_range":1002,"range_type":680,"version_start":1015,"version_start_type":1005,"version_end":1016,"version_end_type":1007,"fixed_in":9},{"version":1018,"is_range":1002,"range_type":680,"version_start":1019,"version_start_type":1005,"version_end":1020,"version_end_type":1007,"fixed_in":9},{"version":1022,"is_range":1002,"range_type":680,"version_start":1023,"version_start_type":1005,"version_end":1024,"version_end_type":1007,"fixed_in":9},{"version":1026,"is_range":1002,"range_type":680,"version_start":1027,"version_start_type":1005,"version_end":1028,"version_end_type":1007,"fixed_in":9},{"version":1030,"is_range":1002,"range_type":680,"version_start":1031,"version_start_type":1005,"version_end":1032,"version_end_type":1007,"fixed_in":9},{"version":1034,"is_range":1002,"range_type":680,"version_start":1035,"version_start_type":1005,"version_end":1036,"version_end_type":1007,"fixed_in":9}]