A vulnerability has been found in Grafana OSS 12.4.0 and classified as problematic . The affected element is the function sanitizeTextPanelContent of the component Template String Handler . This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2026-9029 . The attack is possible to be carried out remotely. No exploit exists.