CVE-2025-41118 | Grafana Pyroscope up to 1.15.x API secret_key Remote Code Execution

A vulnerability was found in Grafana Pyroscope up to 1.15.x. It has been classified as critical. This impacts an unknown function of the component API. This manipulation of the argument secret_key causes Remote Code Execution.

This vulnerability is tracked as CVE-2025-41118. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More