217 matches found
Grafana 3.0.1-7.0.1 - Server-Side Request Forgery
Grafana 3.0.1 through 7.0.1 is susceptible to server-side request forgery via the avatar feature, which can lead to remote code execution. Any unauthenticated user/client can make Grafana send HTTP requests to any URL and return its result. This can be used to gain information about the network...
openSUSE 16 Security Update : grafana (openSUSE-SU-2026:20940-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20940-1 advisory. Changes in grafana: - CVE-2026-39821: Fix validation bypass and privilege escalation by updating golang.org/x/net to version 0.55.0 bsc1266600 -...
GHSA-8396-JFFM-QX4W vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2026-48096 vulnerabilities
Vulnerabilities for packages: grafana...
ROS-20260605-73-0046
The vulnerability in Grafana relates to the unencrypted storage of user data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2026-28374 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2026-28380 vulnerabilities
Vulnerabilities for packages: grafana, grafana-fips...
RockyLinux 9 : grafana (RLSA-2026:19352)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19352 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 golang: internal/syscall/unix: Root.Chmod can...
FreeBSD : Grafana -- Query resampling can cause unbounded memory allocations (c079e809-5900-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c079e809-5900-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27879 reports: A resample query can be used t...
Unity Linux 20.1060e / 20.1070e Security Update: grafana (UTSA-2026-016632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016632 advisory. Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 contains a directory traversal vulnerability for full...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 9 : grafana (RHSA-2026:19352)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19352 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana:...
ROS-20260515-73-0013
Vulnerability in grafana related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges...
RHEL 8 : grafana (RHSA-2026:11507)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11507 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang:...
MiracleLinux 9 : grafana-10.2.6-20.el9_7 (AXSA:2026-526:11)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-526:11 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
AlmaLinux 10 : grafana (ALSA-2026:10223)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10223 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
RHEL 9 : grafana (RHSA-2026:11416)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11416 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
RockyLinux 9 : grafana (RLSA-2026:10226)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:10226 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
RHEL 9 : grafana (RHSA-2026:10226)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10226 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Grafana:...
RHEL 9 : grafana (RHSA-2026:8847)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8847 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: net/url: Incorrect...