grafana-10.2.6-20.el9_7

エラータID: AXSA:2026-526:11

Release date: 
Monday, May 4, 2026 - 10:35
Subject: 
grafana-10.2.6-20.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

* grafana: Grafana: Information disclosure of data-source passwords via public dashboards (CVE-2026-27877)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve your deployments' security.

Solution: 

Update packages.

CVEs: 
CVE-2026-27877
When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve your deployments' security.
Additional Info: 

N/A

Download: 

SRPMS
  1. grafana-10.2.6-20.el9_7.src.rpm
    MD5: b3a15c1e08fa1b1cefd8894c7433659a
    SHA-256: 81d7bf49a3501d720cbef30f74f3147d7ca02b8027cad08b6808b928cd2bda9d
    Size: 335.91 MB

Asianux Server 9 for x86_64
  1. grafana-10.2.6-20.el9_7.x86_64.rpm
    MD5: 55290d4c06804a4f11d70fd0dbd0c6e2
    SHA-256: 753c2ec0f6dea2f12cd7fa2e14d43e3cfda335a2bcbd9c20e7cc8f516be57266
    Size: 113.28 MB
  2. grafana-selinux-10.2.6-20.el9_7.x86_64.rpm
    MD5: ae242eb92640afda01454b6e65aabecb
    SHA-256: 1fddcf6239722c004a350e627a569fca883f5fa5562f8edde500d7b559fc584b
    Size: 24.84 kB