Grafana AI image-renderer prompt injection patch (GrafanaGhost)

Security Patch Release
Happening score
H score 12
1 unique source, 1 article

Summary

Grafana has patched the GrafanaGhost flaw in its image renderer and Markdown component, closing an AI prompt-injection path that could have exposed sensitive data. The issue let attacker-controlled content slip malicious instructions into Grafana's AI workflow, creating a risk of data exfiltration during normal use. Grafana says there is no evidence of exploitation in the wild and no data was leaked from Grafana Cloud.

Related Happenings

Grafana Labs source code leak and extortion demand

Data Leak
First: 19.05.2026 12:15 Last: 19.05.2026 12:15 Sources 1

About this happening: The **Grafana Labs** codebase was **downloaded from its GitHub environment**, creating a risk that proprietary source code could be **released or misused**. The company said **no...

CoinbaseCartel escalates extortion activity with more than 100 victims

Threat Actor Meta
First: 18.05.2026 16:46 Last: 18.05.2026 16:46 Sources 1

About this happening: **CoinbaseCartel** has expanded its extortion operation, publicly listing **more than 100 victims** on a **data leak portal**. The growth signals a more scalable criminal ecosyste...

Grafana Labs Says GitHub hit by cyberattack

Incident
First: 17.05.2026 10:13 Last: 17.05.2026 10:13 Sources 1

About this happening: A **Grafana Labs** incident was later tied to the **Mini Shai-Hulud** supply-chain campaign against **TanStack npm packages**. Grafana said an unauthorized party used a token to a...

Grafana Enterprise security update for CVE-2025-41115

Security Patch Release
First: 21.11.2025 17:40 Last: 21.11.2025 17:40 Sources 1

About this happening: **Grafana** released **security updates** for **CVE-2025-41115**, a **CVSS 10.0** flaw in **Grafana Enterprise** that could enable **user impersonation** or **privilege escalation...

Grafana CVE-2021-43798 exploitation wave

Exploitation Wave
First: 04.10.2025 17:18 Last: 04.10.2025 17:18 Sources 1

About this happening: An **active exploitation wave** hit **Grafana** on **September 28**, with **110 unique malicious IPs** launching automated attacks against the old **CVE-2021-43798** path traversa...

Timeline

  1. 07.04.2026 22:52 2 articles · 1mo ago

    Grafana patches GrafanaGhost AI image-renderer issue

    Mitigation Patch Update

    Grafana Labs patched the GrafanaGhost issue in Grafana's image renderer and Markdown component after Noma Security published research showing that indirect prompt injection in Grafana's AI features could expose sensitive data when attacker-controlled content loaded a malicious image and the AI processed hidden instructions. Grafana said there is no evidence of exploitation in the wild and no data was leaked from Grafana Cloud.
