Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for grafana fixes the following issues: * Security issues fixed: * CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136) * CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337) * CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349) * CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340) * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (bsc#1245302) * Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes: * Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and removed blurred backgrounds from UI overlays to speed up the interface.
* bsc#1245302
* bsc#1255340
* bsc#1257337
* bsc#1257349
* bsc#1258136
* jsc#MSQA-1045
Cross-
* CVE-2025-3415
* CVE-2025-68156
* CVE-2026-21720
* CVE-2026-21721
* CVE-2026-21722
CVSS scores:
* CVE-2025-3415 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-3415 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-3415 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-68156 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-21720 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Get the latest Linux and open source security news straight to your inbox.