Red Hat Product Errata RHSA-2026:19352 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19352 - Security Advisory Overview Updated Packages Synopsis Important: grafana security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): grafana: Grafana: Information disclosure of data-source passwords via public dashboards (CVE-2026-27877) golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2452293 - CVE-2026-27877 grafana: Grafana: Information disclosure of data-source passwords via public dashboards BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVEs CVE-2026-27877 CVE-2026-32282 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 x86_64 grafana-10.2.6-22.el9_8.x86_64.rpm SHA-256: 5ced009df46ca5b73d236957d67040253ab056814e9100ff4e2e2a2c30ba4bc7 grafana-debuginfo-10.2.6-22.el9_8.x86_64.rpm SHA-256: 11fd58fbb68f225054ef9064836566d3f2ae3edcb8530c63cbc41fcd30f8e4b8 grafana-debugsource-10.2.6-22.el9_8.x86_64.rpm SHA-256: 8aa4abdcfbdef34ff550c896402a505c8d93e6437c27cc94da416ac9734cd61f grafana-selinux-10.2.6-22.el9_8.x86_64.rpm SHA-256: e50b50246ba6dbc71e295891e711d10914abb110d1cd6e8f151f1cdf9b095ba8 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 x86_64 grafana-10.2.6-22.el9_8.x86_64.rpm SHA-256: 5ced009df46ca5b73d236957d67040253ab056814e9100ff4e2e2a2c30ba4bc7 grafana-debuginfo-10.2.6-22.el9_8.x86_64.rpm SHA-256: 11fd58fbb68f225054ef9064836566d3f2ae3edcb8530c63cbc41fcd30f8e4b8 grafana-debugsource-10.2.6-22.el9_8.x86_64.rpm SHA-256: 8aa4abdcfbdef34ff550c896402a505c8d93e6437c27cc94da416ac9734cd61f grafana-selinux-10.2.6-22.el9_8.x86_64.rpm SHA-256: e50b50246ba6dbc71e295891e711d10914abb110d1cd6e8f151f1cdf9b095ba8 Red Hat Enterprise Linux for IBM z Systems 9 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 s390x grafana-10.2.6-22.el9_8.s390x.rpm SHA-256: d5c1ae0f5327da151433852cca249ef4e1a6ecf39044dce2d44aaf566d24193e grafana-debuginfo-10.2.6-22.el9_8.s390x.rpm SHA-256: 4575e0e9d68f7e232da1a501bf0818ab99d1bc200d66b465bc1ddcf33c95545d grafana-debugsource-10.2.6-22.el9_8.s390x.rpm SHA-256: 03d61c9514963e2aa9c2b2c51635a674d0bce25b1438192e95198983d6e31708 grafana-selinux-10.2.6-22.el9_8.s390x.rpm SHA-256: 98ba42b49415bb20924710d8a9017fc17a0b269d9e2677e9f68aa9796632126f Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 s390x grafana-10.2.6-22.el9_8.s390x.rpm SHA-256: d5c1ae0f5327da151433852cca249ef4e1a6ecf39044dce2d44aaf566d24193e grafana-debuginfo-10.2.6-22.el9_8.s390x.rpm SHA-256: 4575e0e9d68f7e232da1a501bf0818ab99d1bc200d66b465bc1ddcf33c95545d grafana-debugsource-10.2.6-22.el9_8.s390x.rpm SHA-256: 03d61c9514963e2aa9c2b2c51635a674d0bce25b1438192e95198983d6e31708 grafana-selinux-10.2.6-22.el9_8.s390x.rpm SHA-256: 98ba42b49415bb20924710d8a9017fc17a0b269d9e2677e9f68aa9796632126f Red Hat Enterprise Linux for Power, little endian 9 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 ppc64le grafana-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 6b250bb083884f90d838439b94288a7d0aae753a231504afff0d21185e656ae8 grafana-debuginfo-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d99cd2315eaabda2aef27bda29f8b5d4bcc4ddda825e08ba7802415624f5fc23 grafana-debugsource-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 74d4dcf962123b796a4edb5f0af488105fb80bd7604e68707890dc0d96887679 grafana-selinux-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d9b504f7c52d2161a9793357ad8f4ae7de9ff1955e53c80884895b8b17f549f2 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 ppc64le grafana-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 6b250bb083884f90d838439b94288a7d0aae753a231504afff0d21185e656ae8 grafana-debuginfo-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d99cd2315eaabda2aef27bda29f8b5d4bcc4ddda825e08ba7802415624f5fc23 grafana-debugsource-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 74d4dcf962123b796a4edb5f0af488105fb80bd7604e68707890dc0d96887679 grafana-selinux-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d9b504f7c52d2161a9793357ad8f4ae7de9ff1955e53c80884895b8b17f549f2 Red Hat Enterprise Linux for ARM 64 9 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 aarch64 grafana-10.2.6-22.el9_8.aarch64.rpm SHA-256: 95a4665beb0a050171673c72df2459a14b0840d09cd2691ebf558a0f33572552 grafana-debuginfo-10.2.6-22.el9_8.aarch64.rpm SHA-256: 03a7903f3235e6011c212aefbbc1199bedf67103e6f7af94f15c5f6a72bc2b02 grafana-debugsource-10.2.6-22.el9_8.aarch64.rpm SHA-256: 465dd39d76c031d98fc04069460c2a6ab08cb94820f99d099353918d6ded264f grafana-selinux-10.2.6-22.el9_8.aarch64.rpm SHA-256: db111c2be4d813eec5a4ed858e10d811add1b9b9f0022da6abfb90544eaf5f70 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 aarch64 grafana-10.2.6-22.el9_8.aarch64.rpm SHA-256: 95a4665beb0a050171673c72df2459a14b0840d09cd2691ebf558a0f33572552 grafana-debuginfo-10.2.6-22.el9_8.aarch64.rpm SHA-256: 03a7903f3235e6011c212aefbbc1199bedf67103e6f7af94f15c5f6a72bc2b02 grafana-debugsource-10.2.6-22.el9_8.aarch64.rpm SHA-256: 465dd39d76c031d98fc04069460c2a6ab08cb94820f99d099353918d6ded264f grafana-selinux-10.2.6-22.el9_8.aarch64.rpm SHA-256: db111c2be4d813eec5a4ed858e10d811add1b9b9f0022da6abfb90544eaf5f70 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 ppc64le grafana-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 6b250bb083884f90d838439b94288a7d0aae753a231504afff0d21185e656ae8 grafana-debuginfo-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d99cd2315eaabda2aef27bda29f8b5d4bcc4ddda825e08ba7802415624f5fc23 grafana-debugsource-10.2.6-22.el9_8.ppc64le.rpm SHA-256: 74d4dcf962123b796a4edb5f0af488105fb80bd7604e68707890dc0d96887679 grafana-selinux-10.2.6-22.el9_8.ppc64le.rpm SHA-256: d9b504f7c52d2161a9793357ad8f4ae7de9ff1955e53c80884895b8b17f549f2 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 x86_64 grafana-10.2.6-22.el9_8.x86_64.rpm SHA-256: 5ced009df46ca5b73d236957d67040253ab056814e9100ff4e2e2a2c30ba4bc7 grafana-debuginfo-10.2.6-22.el9_8.x86_64.rpm SHA-256: 11fd58fbb68f225054ef9064836566d3f2ae3edcb8530c63cbc41fcd30f8e4b8 grafana-debugsource-10.2.6-22.el9_8.x86_64.rpm SHA-256: 8aa4abdcfbdef34ff550c896402a505c8d93e6437c27cc94da416ac9734cd61f grafana-selinux-10.2.6-22.el9_8.x86_64.rpm SHA-256: e50b50246ba6dbc71e295891e711d10914abb110d1cd6e8f151f1cdf9b095ba8 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 SRPM grafana-10.2.6-22.el9_8.src.rpm SHA-256: 94ecd5b405cac932fe5137b4f45796feb6e12696380559c7d78ef03eca8a1c69 aarch64 grafana-10.2.6-22.el9_8.aarch64.rpm SHA-256: 95a4665beb0a050171673c72df2459a14b0840d09cd2691ebf558a0f33