17 matches found
Oracle Linux 9 : grafana (ELSA-2026-19352)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19352 advisory. - Resolves RHEL-161803: CVE-2026-27877 - Resolves RHEL-166678: CVE-2026-32282 Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : grafana-10.2.6-20.el9_7 (AXSA:2026-526:11)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-526:11 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
AlmaLinux 9 : grafana (ALSA-2026:10226)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10226 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
RHEL 9 : grafana (RHSA-2026:11416)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11416 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
grafana security update
An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...
RLSA-2026:10226 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 For more details about the security issues, including the impact, a...
RockyLinux 9 : grafana (RLSA-2026:10226)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:10226 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RHEL 9 : grafana (RHSA-2026:10226)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10226 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
Oracle Linux 10 : grafana (ELSA-2026-10223)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10223 advisory. 10.2.6-24 - Resolves RHEL-161790: CVE-2026-27877 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Oracle Linux 9 : grafana (ELSA-2026-10226)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-10226 advisory. 10.2.6-20 - Resolves RHEL-161802: CVE-2026-27877 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
RHEL 10 : grafana (RHSA-2026:10223)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10223 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
ALSA-2026:10223 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 For more details about the security issues, including the impact, a...
Grafana 9.3.0 < 11.6.14 / 12.0.0 < 12.1.10 / 12.2.0 < 12.2.8 / 12.3.0 < 12.3.6 / 12.4.0 < 12.4.2 Information Disclosure (CVE-2026-27877)
The version of Grafana installed on the remote host is 9.3.x through 11.6.x prior to 11.6.14, 12.0.x through 12.1.x prior to 12.1.10, 12.2.x prior to 12.2.8, 12.3.x prior to 12.3.6, or 12.4.x prior to 12.4.2. It is, therefore, affected by an information disclosure vulnerability: - When using publ...
CVE-2026-27877
CVE-2026-27877 affects Grafana where, when using public dashboards with direct data-sources, passwords for those data-sources are exposed. The root cause is direct data-source password handling leaking in such dashboards. The advisory recommends converting direct data-sources to proxied data-sour...
CVE-2026-27877 Public dashboards discloses all direct mode datasources
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve...