Grafana Enterprise security update: critical severity security fix for CVE-2025-41115
Along with the release of Grafana Enterprise 12.3, we are releasing updated versions of Grafana Enterprise 12.2.1, 12.1.3 and 12.0.6, all of which...
Read more
Single-tenant vs. multi-tenant architecture with Grafana Cloud: A guide to choosing the right...
Learn the pros and cons of each approach so you and your organization come to an informed decision about the architectural approach that best fits...
Read more
Managing access in Grafana: a single stack journey with teams, roles, and real-world patterns
Learn how putting all users in a single Grafana Cloud stack and managing access with teams, roles, and folders can help you and your organization stay...
Read more
Canary tokens: Learn all about the unsung heroes of security at Grafana Labs
Learn why the use of canary tokens let us spot a recent intrusion and swarm quickly in response, and find out why you should be using canary tokens to...
Read more
Grafana security release: Medium and high severity fixes for CVE-2025-6197 and CVE-2025-6023
Today we are releasing security patches for Grafana 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x, which include fixes for CVE-2025-6023 and...
Read more
Enhancing authentication security: Inside Microsoft's open source contribution to Grafana
Discover the new authentication method Microsoft contributed to Grafana OSS and the lessons learned about building trust and being part of an open...
Read more
Grafana security update: Critical severity security release for CVE-2025-5959, CVE-2025-6554,...
We have released updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent to address a critical vulnerability found in a...
Read more
How to detect vulnerable GitHub Actions at scale with Zizmor
In order to harden our infrastructure and pipelines, we have introduced the open source tool Zizmor into our CI/CD pipelines.
Read more
Grafana security update: Medium severity security release for CVE-2025-3415
Today we are releasing security patches for Grafana 12.0.1, 11.6.2, 11.5.5, 11.4.5, 11.3.7, 11.2.10, and 10.4.19 that include a medium severity...
Read more
Grafana security release: Medium and high severity security fixes for CVE-2025-4123 and...
Today we are releasing Grafana 12.0.1, 11.6.2, 11.5.5, 11.4.5, 11.3.7, 11.2.10, and 10.4.19, which include medium and high severity security fixes. If...
Read more
Grafana security release: High severity security fix for CVE-2025-4123
Today we are releasing Grafana 12.0.0+security-01, as well as security patches for all supported versions for a high severity security fix. If you are...
Read more
Grafana security update: post-incident review for GitHub workflow vulnerability and what's next
Our investigation wrapped up on May 12, and we have confirmed that there has been no code modification, unauthorized access to production systems,...
Read more
Introducing SCIM provisioning in Grafana: Enterprise-grade user management made simple
Use SCIM to manage users and teams in Grafana more efficiently. Bring automated user lifecycle management and enhanced security to your observability...
Read more
Grafana security update: no customer impact from GitHub workflow vulnerability
On April 26, an unauthorized user exploited a vulnerability with a GitHub workflow to gain unauthorized access to tokens, all of which have now been...
Read more
Grafana security release: Medium and high severity fixes for CVE-2025-3260, CVE-2025-2703,...
Today we are releasing security patches for Grafana 11.6.0, 11.5.3, 11.4.3, 11.3.5, 11.2.8, and 10.4.17, which include medium and high severity...
Read more