ALSA-2026:6382 Important: grafana security update

🗓️ 01 Apr 2026 00:00:00Reported by GoogleType

osv

osv🔗 osv.dev👁 2 Views

Grafana security update fixes IP version six host parsing in network URL handling (CVE-2026-25679).

Reporter	Title	Published	Views	Family All 1906
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality (CVE-2026-25679)	7 May 202609:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities	20 May 202615:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]	21 May 202615:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization	14 May 202611:11	–	ibm
ATTACKERKB	CVE-2026-25679	6 Mar 202621:28	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1482)	30 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : credentials-fetcher (ALAS2023-2026-1501)	1 Apr 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1507)	1 Apr 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : golist (ALAS2023-2026-1513)	1 Apr 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1534)	13 Apr 202600:00	–	nessus

Source	Link
access	www.access.redhat.com/errata/RHSA-2026:6382
access	www.access.redhat.com/security/cve/CVE-2026-25679
bugzilla	www.bugzilla.redhat.com/2445356
errata	www.errata.almalinux.org/9/ALSA-2026-6382.html

03 Apr 2026 08:00Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.17.5

EPSS0.00044

SSVC

Grafana security update IP version six network URL parsing vulnerability 2026-25679