20 matches found
Oracle Linux 9 : grafana (ELSA-2026-6382)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6382 advisory. - Resolves RHEL-158728: CVE-2026-25679 - Resolves RHEL-144959: CVE-2026-21721 - Resolves RHEL-146863: CVE-2025-61726 - Resolves RHEL-147081: CVE-2025-61729 -...
grafana security update
10.2.6-19 - Resolves RHEL-158728: CVE-2026-25679 10.2.6-17 - Resolves RHEL-144959: CVE-2026-21721 - Resolves RHEL-146863: CVE-2025-61726 - Resolves RHEL-147081: CVE-2025-61729 - Resolves RHEL-147370: CVE-2025-61728 - Resolves RHEL-149621: CVE-2025-68121 10.2.6-17 - Resolves RHEL-125692:...
SUSE-SU-2026:1037-1 Security update for grafana
This update for grafana fixes the following issues: - Security issues fixed: - CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 - CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 - CVE-2026-21720: Fixed...
CLSA-2026-1772812307 grafana: Fix of CVE-2026-21721
CVE-2026-21721: Fix dashboard permissions API; verify target dashboard scope and prevent users with permission-management rights on one dashboard from reading or modifying permissions on other dashboards...
RHEL 9 : grafana (RHSA-2026:3529)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3529 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes:...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RockyLinux 10 : grafana (RLSA-2026:2914)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2914 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729...
CVE-2026-21721 vulnerabilities
Vulnerabilities for packages: grafana...
grafana security update
An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor f...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
RHEL 10 : grafana (RHSA-2026:3078)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3078 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes:...
MiracleLinux 9 : grafana-10.2.6-18.el9_7 (AXSA:2026-210:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-210:03 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729...
Oracle Linux 9 : grafana (ELSA-2026-2920)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2920 advisory. - Resolves RHEL-144959: CVE-2026-21721 - Resolves RHEL-146863: CVE-2025-61726 - Resolves RHEL-147081: CVE-2025-61729 - Resolves RHEL-147370:...
RHEL 9 : grafana (RHSA-2026:2920)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2920 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509:...
Oracle Linux 10 : grafana (ELSA-2026-2914)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2914 advisory. - Resolves RHEL-144948: CVE-2026-21721 - Resolves RHEL-146721: CVE-2025-61726 - Resolves RHEL-146926: CVE-2025-61729 - Resolves RHEL-147351:...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RHEL 10 : grafana (RHSA-2026:2914)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2914 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509:...
Grafana Labs 10.2.0 < 11.6.9+security-01 / 12.0.0 < 12.0.8+security-01 / 12.1.0 < 12.1.5+security-01 / 12.2.0 < 12.2.3+security-01 / 12.3.0 < 12.3.1+security-01 Privilege Escalation (CVE-2026-21721)
The version of Grafana Labs installed on the remote host is affected by a privilege escalation vulnerability as referenced in the CVE-2026-21721 advisory. - The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a...
CVE-2026-21721
An authorization error has been discovered in Grafana dashboards. The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions ...
CVE-2026-21721 Dashboard Permissions Scope Bypass Enables Cross‑Dashboard Privilege Escalation
The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege...