CVE-2025-41116 – Incorrect oauth passthrough in Grafana Snowflake Datasource

CVE ID : CVE-2025-41116

Published : Nov. 11, 2025, 9:15 p.m. | 16 minutes ago

Description : When using the Grafana Databricks Datasource Plugin,
if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it  could result in 

the wrong user identifier being used, and information for which the viewer is not authorized being returned. 

This issue affects Grafana Databricks Datasource Plugin: from 1.12.1 before 1.12.0

Severity: 2.1 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…