{"data":{"id":"d8e3fcb3-e8f8-4f70-9b9f-123f375fcf6c","title":"Zero-click Grafana AI attack can enable enterprise data exfiltration","summary":"GrafanaGhost is a critical vulnerability chain in Grafana (a data visualization platform) whose AI features can be abused through indirect prompt injection (hiding malicious instructions in data the AI later processes) to exfiltrate sensitive enterprise data without requiring authentication or user interaction. Attackers chain several weaknesses, including a URL-validation bypass and a bypass of the AI's safety guardrails, to make Grafana's AI send confidential information to attacker-controlled servers.","solution":"Grafana has rolled out a fix for this issue. Additionally, security experts recommend: identifying exposure by checking whether Grafana AI/LLM features are enabled, patching to the latest version, and, as defense in depth, restricting the Content-Security-Policy \"img-src\" directive (which controls the origins the browser may load images from) to known domains and applying egress controls (network rules that limit outbound traffic from the Grafana deployment), so that even a successful injection cannot deliver data to arbitrary external servers.","labels":["security","safety"],"sourceUrl":"https://www.csoonline.com/article/4155004/zero%e2%80%91click-grafana-ai-attack-can-enable-enterprise-data-exfiltration.html","publishedAt":"2026-04-07T12:47:10.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Grafana","Grafana AI"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-07T12:47:10.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}