14 matches found
CVE-2026-22639
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2026-22639
CVE-2026-22639 (rejected per initial description) concerns Grafana’s Alerting DingDing integration. Multiple connected sources describe an exposure where the integration could be accessed by users with Viewer permissions due to insufficient protection. Fixes are published in Grafana releases 10.4...
CVE-2026-22639
...
CVE-2026-22639
...
PT-2026-3006
Name of the Vulnerable Software and Affected Versions Grafana versions prior to 10.4.19+security-01 Grafana versions prior to 11.2.10+security-01 Grafana versions prior to 11.3.7+security-01 Grafana versions prior to 11.4.5+security-01 Grafana versions prior to 11.5.5+security-01 Grafana versions...
GO-2025-3814 Grafana's insecure DingDing Alert integration exposes sensitive information in github.com/grafana/grafana
Grafana's insecure DingDing Alert integration exposes sensitive information in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
Grafana's insecure DingDing Alert integration exposes sensitive information
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
GHSA-46M5-8HPJ-P5P5 Grafana's insecure DingDing Alert integration exposes sensitive information
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
UBUNTU-CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
Grafana Alerting DingDing Integration URL Exposed to Viewers
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
Grafana 安全漏洞
Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana that stems from inadequate protecti...
FreeBSD : Grafana -- DingDing contact points exposed in Grafana Alerting (6548cb01-4c33-11f0-8a97-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6548cb01-4c33-11f0-8a97-6c3be5272acd advisory. Grafana Labs reports: An incident occurred where the DingDing alerting integration URL was inadvertentl...
PT-2025-25459
Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A medium-severity flaw in Grafana Alerting exposes sensitive DingDing contact point URLs to viewers. This issue may lead to data exposure. Recommendations Update to a patched version to resol...