Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 498
Alerts This Week
Warning Icon 1 498

openSUSE Grafana Moderate Information Disclosure Fix 2026-21351-1

opensuse
Calendar Grey July 15, 2026
Dist Opensuse Esm H88
An important security update for Grafana on openSUSE fixes several issues and vulnerabilities to enhance system protection.
An update that solves 3 vulnerabilities and has 2 bug fixes can now be installed.

Description

This update for grafana fixes the following issues:

Changes in grafana:

- Add UI web assets as additional source tarball

- Update to version 12.4.5 (jsc#PED-16512):

* Datasources: return 400 when payload UID does not match URL UID

in PUT /api/datasources/uid/:uid

- Update to version 12.4.4:

* Security and quality updates.

* Various bug fixes and enhancements.

- Update to version 12.4.3:

* Analytics: Keep internal dashboard id.

* Go: Update to 1.25.9.

* Reporting: Correctly apply appSubURL to report settings

requests.

* Alerting: Document Grafana HA Alertmanager cluster metrics

prefix change.

- Update to version 12.4.2:

* Various bug fixes and performance improvements.

* Dependency updates to core plugins and UI libraries.

- Update to version 12.4.1:

* Bug fixes and minor quality-of-life enhancements.

* Updates to data source provisioning and dashboard schemas.

- Update to version 12.4.0:

* Introduced dynamic dashboards...

Read the Full Advisory

Patch

Package List

- openSUSE Leap 16.0:

grafana-12.4.5-bp160.1.1

References

* bsc#1262187

* bsc#1263272

References:

* https://www.suse.com/security/cve/CVE-2025-12141.html

* https://www.suse.com/security/cve/CVE-2026-21725.html

* https://www.suse.com/security/cve/CVE-2026-41607.html

Severity
moderate
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:21351-1
Rating: moderate
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.