Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
7.5

Grafana with PCP Plugin: Unauthenticated Data Exposure

RHSA-2026:3812
Summary

A security update is available for Grafana with the PCP plugin, which is used to display performance metrics. If left unpatched, an attacker could access sensitive performance data without needing a login. Update Grafana and the PCP plugin to the latest version to fix this issue.

What to do
  • Update redhat grafana-pcp to version 0:3.2.0-3.el8_6.
  • Update redhat grafana-pcp-debuginfo to version 0:3.2.0-3.el8_6.
Affected software
VendorProductAffected versionsFix available
redhat grafana-pcp <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
redhat grafana-pcp-debuginfo <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
redhat grafana-pcp <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
redhat grafana-pcp-debuginfo <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
redhat grafana-pcp <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
redhat grafana-pcp-debuginfo <= 0:3.2.0-3.el8_6 0:3.2.0-3.el8_6
Published: 5 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026