CVE-2026-42129 Path traversal in the Loki data source plugin
A user with Viewer permissions can use a path traversal in the Loki data source plugin to reach administrative Loki endpoints and read sensitive backend configuration and internal service information...