Bleeping Computer

Grafana releases critical security update for Image Renderer plugin

Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent. Although the issues impact Chromium and were ...
CSOonline

Flaws in a pair of Grafana plugins could hand over DevOps control

Users must configure updated settings in SQLite and Infinity plugins to defend against attackers gaining admin privileges on Grafana instances. Two now-patched critical flaws in Grafana’s plugin ...
Bleeping Computer

Over 46,000 Grafana instances exposed to account takeover bug

More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability that allows executing a malicious plugin and account takeover. The flaw is ...