CVE-2025-41118 – Grafana Pyroscope
CVSS 9.1
CRITICAL
“A single exposed weakness can open the door to full system compromise.”
Grafana addressed a critical vulnerability in Pyroscope that could allow severe system impact if exploited. This issue affects core functionality and exposes systems to high-risk compromise scenarios if left unpatched. CVE-2025-41118 has a CVSS score of 9.1, which is Critical severity.
The patch closes this gap by strengthening how the application handles unsafe conditions within its processing logic. There is no verified evidence of active exploitation or public proof-of-concept code at this time, but the severity alone makes this a high-priority update for any environment running Pyroscope.
Key Details
- Affected Product
- Grafana Pyroscope
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-732
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.