CVE-2026-22643
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: SICK AG
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| grafana | grafana | to 11.6.2 (inc) |
| grafana | grafana | From 11.5.0 (inc) |
| grafana | grafana | From 12.0.2 (inc) |
| grafana | grafana | From 11.6.3 (inc) |
| grafana | grafana | From 11.5.6 (inc) |
| grafana | grafana | From 11.4.6 (inc) |
| grafana | grafana | From 11.3.8 (inc) |
| sick_ag | sick_incoming_goods_suite | From 1.2.1 (inc) |
| sick_ag | meac300 | * |
| sick_ag | lector8xx | * |
| sick_ag | inspectorp8xx | * |
| sick_ag | dl100-2xxxxxxx | * |
| sick_ag | flexi_compact | * |
| sick_ag | picoscan | * |
| sick_ag | multiscan | * |
| sick_ag | field_analytics | * |
| sick_ag | media_server | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Grafana occurs when an excessively long dashboard title or panel name is used, causing Chromium-based browsers to become unresponsive. It is due to improper input validation in Grafana versions before 11.6.2. The issue is fixed in version 11.6.2 and later.
How can this vulnerability impact me? :
The vulnerability can cause Chromium browsers to become unresponsive, leading to a denial of service condition. According to the CVSS v3.1 score of 8.3, it has high impact on confidentiality and integrity, and low impact on availability, meaning it can significantly affect system security and user experience by potentially disrupting access to Grafana dashboards.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the vulnerability in Grafana causing Chromium browsers to become unresponsive due to excessively long dashboard titles or panel names, you should upgrade Grafana to version 11.6.2 or higher where the issue is fixed. Additionally, follow general security best practices such as minimizing network exposure, restricting network access, and implementing network segmentation and access controls as recommended in industrial cybersecurity guidelines. [5]