Red Hat Product Errata RHSA-2026:19134 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19134 - Security Advisory Overview Updated Packages Synopsis Important: grafana security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for grafana is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): grafana: Grafana: Information disclosure of data-source passwords via public dashboards (CVE-2026-27877) golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2452293 - CVE-2026-27877 grafana: Grafana: Information disclosure of data-source passwords via public dashboards BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVEs CVE-2026-27877 CVE-2026-32282 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f x86_64 grafana-10.2.6-26.el10_2.x86_64.rpm SHA-256: 1e33041abf47bce3c3a05dcb589afeb4c58897ea3e7f955300380e28d4709016 grafana-debuginfo-10.2.6-26.el10_2.x86_64.rpm SHA-256: 873741cf1d0ea0aa30febdd3b22bc70f6727b3992f20facb062e1fe963b9e8cf grafana-debugsource-10.2.6-26.el10_2.x86_64.rpm SHA-256: aed6bbf06b8f29f52e31d28eda0577959c4741e6c8d6ae97830c4bf4560014a7 grafana-selinux-10.2.6-26.el10_2.x86_64.rpm SHA-256: ce35cc8bc2d4987632588332f441c8281f66ccc3a6942438a43adceb0cc8434d Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f x86_64 grafana-10.2.6-26.el10_2.x86_64.rpm SHA-256: 1e33041abf47bce3c3a05dcb589afeb4c58897ea3e7f955300380e28d4709016 grafana-debuginfo-10.2.6-26.el10_2.x86_64.rpm SHA-256: 873741cf1d0ea0aa30febdd3b22bc70f6727b3992f20facb062e1fe963b9e8cf grafana-debugsource-10.2.6-26.el10_2.x86_64.rpm SHA-256: aed6bbf06b8f29f52e31d28eda0577959c4741e6c8d6ae97830c4bf4560014a7 grafana-selinux-10.2.6-26.el10_2.x86_64.rpm SHA-256: ce35cc8bc2d4987632588332f441c8281f66ccc3a6942438a43adceb0cc8434d Red Hat Enterprise Linux for IBM z Systems 10 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f s390x grafana-10.2.6-26.el10_2.s390x.rpm SHA-256: 6934e0de7d6d32570a458ca7b13ff9d262deff17ead1f7cb43da737a8b8449da grafana-debuginfo-10.2.6-26.el10_2.s390x.rpm SHA-256: da158958fd7a3e7b7ff7577abed4011bc5ee17e58c77e640b18123362e24c31d grafana-debugsource-10.2.6-26.el10_2.s390x.rpm SHA-256: f6f361dabe43e2d505e1eae2c34d28e0735129c5f18892056cfde70aa30d993a grafana-selinux-10.2.6-26.el10_2.s390x.rpm SHA-256: bef6d45121bac4b46c160db6e0fd6a38a479552c2c34af7eda76a07e78bb2f5d Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f s390x grafana-10.2.6-26.el10_2.s390x.rpm SHA-256: 6934e0de7d6d32570a458ca7b13ff9d262deff17ead1f7cb43da737a8b8449da grafana-debuginfo-10.2.6-26.el10_2.s390x.rpm SHA-256: da158958fd7a3e7b7ff7577abed4011bc5ee17e58c77e640b18123362e24c31d grafana-debugsource-10.2.6-26.el10_2.s390x.rpm SHA-256: f6f361dabe43e2d505e1eae2c34d28e0735129c5f18892056cfde70aa30d993a grafana-selinux-10.2.6-26.el10_2.s390x.rpm SHA-256: bef6d45121bac4b46c160db6e0fd6a38a479552c2c34af7eda76a07e78bb2f5d Red Hat Enterprise Linux for Power, little endian 10 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f ppc64le grafana-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 2fde27799ae743cde0641ca2628e3625803cb05294cdbba60f5d047db5084204 grafana-debuginfo-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 875683ff6d03dc5654cadd4ab38ac01489dcb30c1a296b85b9a09443b4fc0182 grafana-debugsource-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 4ec4c7c05e055201fe3cface14bc8eed64194164e634d72d6bae446e31ca7a9b grafana-selinux-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 72f2e7a2eb4b5d0bb7c263f71da8b8fae7a1b24b3e50a5e8e471d1036568f365 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f ppc64le grafana-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 2fde27799ae743cde0641ca2628e3625803cb05294cdbba60f5d047db5084204 grafana-debuginfo-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 875683ff6d03dc5654cadd4ab38ac01489dcb30c1a296b85b9a09443b4fc0182 grafana-debugsource-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 4ec4c7c05e055201fe3cface14bc8eed64194164e634d72d6bae446e31ca7a9b grafana-selinux-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 72f2e7a2eb4b5d0bb7c263f71da8b8fae7a1b24b3e50a5e8e471d1036568f365 Red Hat Enterprise Linux for ARM 64 10 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f aarch64 grafana-10.2.6-26.el10_2.aarch64.rpm SHA-256: 8f3e25a74fd4c1cb70ef47ccbe3849a48f7f2fca5afd1a0594e52648c8ce9034 grafana-debuginfo-10.2.6-26.el10_2.aarch64.rpm SHA-256: 636192673c183cc7bac0146a90f3965b7c372c2043a9283ef2456c0ef23b5973 grafana-debugsource-10.2.6-26.el10_2.aarch64.rpm SHA-256: 94084e79c0ea7c91ab9d1e4b2ab618ded6b729c163d28401c0682bcb076df402 grafana-selinux-10.2.6-26.el10_2.aarch64.rpm SHA-256: 479ce3bc383b516c4a329effd558124249a42197b943e877f7048b9e9ed409fd Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f aarch64 grafana-10.2.6-26.el10_2.aarch64.rpm SHA-256: 8f3e25a74fd4c1cb70ef47ccbe3849a48f7f2fca5afd1a0594e52648c8ce9034 grafana-debuginfo-10.2.6-26.el10_2.aarch64.rpm SHA-256: 636192673c183cc7bac0146a90f3965b7c372c2043a9283ef2456c0ef23b5973 grafana-debugsource-10.2.6-26.el10_2.aarch64.rpm SHA-256: 94084e79c0ea7c91ab9d1e4b2ab618ded6b729c163d28401c0682bcb076df402 grafana-selinux-10.2.6-26.el10_2.aarch64.rpm SHA-256: 479ce3bc383b516c4a329effd558124249a42197b943e877f7048b9e9ed409fd Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f aarch64 grafana-10.2.6-26.el10_2.aarch64.rpm SHA-256: 8f3e25a74fd4c1cb70ef47ccbe3849a48f7f2fca5afd1a0594e52648c8ce9034 grafana-debuginfo-10.2.6-26.el10_2.aarch64.rpm SHA-256: 636192673c183cc7bac0146a90f3965b7c372c2043a9283ef2456c0ef23b5973 grafana-debugsource-10.2.6-26.el10_2.aarch64.rpm SHA-256: 94084e79c0ea7c91ab9d1e4b2ab618ded6b729c163d28401c0682bcb076df402 grafana-selinux-10.2.6-26.el10_2.aarch64.rpm SHA-256: 479ce3bc383b516c4a329effd558124249a42197b943e877f7048b9e9ed409fd Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f s390x grafana-10.2.6-26.el10_2.s390x.rpm SHA-256: 6934e0de7d6d32570a458ca7b13ff9d262deff17ead1f7cb43da737a8b8449da grafana-debuginfo-10.2.6-26.el10_2.s390x.rpm SHA-256: da158958fd7a3e7b7ff7577abed4011bc5ee17e58c77e640b18123362e24c31d grafana-debugsource-10.2.6-26.el10_2.s390x.rpm SHA-256: f6f361dabe43e2d505e1eae2c34d28e0735129c5f18892056cfde70aa30d993a grafana-selinux-10.2.6-26.el10_2.s390x.rpm SHA-256: bef6d45121bac4b46c160db6e0fd6a38a479552c2c34af7eda76a07e78bb2f5d Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 SRPM grafana-10.2.6-26.el10_2.src.rpm SHA-256: 1ed7c03935c9131b5180e13dff79caed23761bc76a40e05044709cc71c401e5f ppc64le grafana-10.2.6-26.el10_2.ppc64le.rpm SHA-256: 2fde27799ae743cde0641ca262