7 matches found
openSUSE 16 Security Update : grafana (openSUSE-SU-2026:20654-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20654-1 advisory. Changes in grafana: - Update to version 11.6.11: Features and enhancements: Alerting: Add limits for the size of expanded notification templates...
SUSE-SU-2026:1037-1 Security update for grafana
This update for grafana fixes the following issues: - Security issues fixed: - CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 - CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 - CVE-2026-21720: Fixed...
Advisory ROSA-SA-2026-3252
software: grafana 12.1.8 WASP: ROSA-CHROME unaffected versions = grafana-12.1.8-1 affected versions 3s, timeout and permanently block on sending to an unbuffered channel, resulting in linear growth of goroutines and memory exhaustion. CVE-STATUS: The vulnerability has been resolved CVE-REV: To...
CVE-2026-21722 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2026-21722
creationtimestamp| type| source ---|---|--- 2026-02-13 21:44:22+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3meri32vafl27 2026-02-15 01:41:04+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3meufr72izj2x...
Grafana -- Public Dashboards time range restriction on annotations can be bypassed
https://grafana.com/security/security-advisories/cve-2026-21722 reports: Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific...
Linux Distros Unpatched Vulnerability : CVE-2026-21722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read t...