CVE-2025-41116

Name of the Vulnerable Software and Affected Versions Grafana Databricks Datasource Plugin versions 1.12.1 through 1.12.0

Description The Grafana Databricks Datasource Plugin has an issue where, with Oauth passthrough enabled, multiple users sharing a single Grafana instance and datasource may experience incorrect user identification. This can lead to unauthorized information disclosure, as data intended for one user may be accessible to others.

Recommendations Update to a version after 1.12.0.