commercial-grafana-12.2

Direct Vulnerabilities

Known vulnerabilities in the commercial-grafana-12.2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-21726

<12.2.10-r0
  • H
Allocation of Resources Without Limits or Throttling

<12.2.10-r0
  • L
GHSA-68m9-983m-f3v5

<12.2.10-r0
  • L
Incorrect Type Conversion or Cast

<12.2.10-r0
  • L
CVE-2026-42507

<12.2.10-r0
  • L
GHSA-xj38-jxc5-rppx

<12.2.10-r0
  • M
Allocation of Resources Without Limits or Throttling

<12.2.10-r0
  • L
GHSA-jwvj-g8pc-cx45

<12.2.10-r0
  • L
GHSA-m4pr-4j3g-9v7v

<12.2.10-r0
  • L
GHSA-w879-237q-wc7r

<12.2.10-r0
  • L
GHSA-45gg-vh54-h5m9

<12.2.10-r0
  • C
CVE-2026-27143

<12.2.10-r0
  • L
Missing Authorization

<12.2.10-r0
  • L
GHSA-7mr4-xjxg-34g6

<12.2.10-r0
  • L
GHSA-x527-x647-q7gg

<12.2.10-r0
  • L
Improper Enforcement of Message Integrity During Transmission in a Communication Channel

<12.2.10-r0
  • L
GHSA-qpw4-5x99-6vjp

<12.2.10-r0
  • L
GHSA-5w89-2c2x-6x66

<12.2.10-r0
  • L
CVE-2026-33816

<12.2.10-r0
  • M
Link Following

<12.2.10-r0
  • L
Improper Certificate Validation

<12.2.10-r0
  • L
GHSA-cqrx-3m42-5p5w

<12.2.10-r0
  • L
GHSA-89gr-r52h-f8rx

<12.2.10-r0
  • L
GHSA-pjcq-xvwq-hhpj

<12.2.10-r0
  • L
GHSA-pc3f-x583-g7j2

<12.2.10-r0
  • H
Integer Overflow or Wraparound

<12.2.10-r0
  • L
GHSA-w9p8-pvxh-rxpj

<12.2.10-r0
  • L
CVE-2026-39821

<12.2.10-r0
  • L
Improper Certificate Validation

<12.2.10-r0
  • L
GHSA-57j5-qwp2-vqp6

<12.2.10-r0
  • L
Uncaught Exception

<12.2.10-r0
  • L
GHSA-hfvc-g4fc-pqhx

<12.2.10-r0
  • M
Cross-site Scripting (XSS)

<12.2.10-r0
  • L
GHSA-q4h4-gmj2-qvw2

<12.2.10-r0
  • L
Deserialization of Untrusted Data

<12.2.10-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<12.2.10-r0
  • L
Resource Exhaustion

<12.2.10-r0
  • L
CVE-2026-32280

<12.2.10-r0
  • L
Improper Verification of Cryptographic Signature

<12.2.10-r0
  • L
CVE-2026-46598

<12.2.10-r0
  • L
Cross-site Scripting (XSS)

<12.2.10-r0
  • L
GHSA-78mq-xcr3-xm33

<12.2.10-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<12.2.10-r0
  • L
GHSA-cfp9-33rc-j74f

<12.2.10-r0
  • L
CVE-2026-27145

<12.2.10-r0
  • L
GHSA-h3gm-q7m7-mp28

<12.2.10-r0
  • L
GHSA-5cgq-3rg8-m6cv

<12.2.10-r0
  • L
Missing Authorization

<12.2.10-r0
  • L
Improper Certificate Validation

<12.2.10-r0
  • H
Improper Certificate Validation

<12.2.10-r0
  • L
GHSA-wf45-q9ch-q8gh

<12.2.10-r0
  • L
CVE-2026-42504

<12.2.10-r0
  • L
GHSA-xgrm-4fwx-7qm8

<12.2.10-r0
  • L
GHSA-f5wc-c3c7-36mc

<12.2.10-r0
  • C
SQL Injection

<12.2.10-r0
  • L
GHSA-xmrv-pmrh-hhx2

<12.2.10-r0
  • L
GHSA-vgwf-h737-ff37

<12.2.10-r0
  • L
CVE-2026-46595

<12.2.10-r0
  • L
GHSA-rm3j-f69w-wqmq

<12.2.10-r0
  • L
GHSA-jrg3-gfjw-hm96

<12.2.10-r0
  • L
GHSA-x4jj-h2v8-hqqv

<12.2.10-r0
  • L
GHSA-wrh2-89vg-4j9g

<12.2.10-r0
  • L
GHSA-5cv4-jp36-h3mw

<12.2.10-r0
  • H
Incorrect Authorization

<12.2.10-r0
  • L
GHSA-cg87-vwwh-xvgj

<12.2.10-r0
  • L
GHSA-w8rr-5gcm-pp58

<12.2.10-r0
  • H
Untrusted Search Path

<12.2.10-r0
  • L
GHSA-gjvh-7jh8-7xhm

<12.2.10-r0
  • L
Integer Overflow or Wraparound

<12.2.10-r0
  • L
GHSA-j88v-2chj-qfwx

<12.2.10-r0
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<12.2.10-r0
  • L
GHSA-mh2q-q3fh-2475

<12.2.10-r0
  • L
Out-of-Bounds

<12.2.10-r0
  • H
Incorrect Authorization

<12.2.10-r0
  • L
GHSA-9m57-25v3-79x9

<12.2.10-r0
  • L
GHSA-h524-452v-82p9

<12.2.10-r0
  • L
Information Exposure

<12.2.10-r0
  • L
Use of Incorrectly-Resolved Name or Reference

<12.2.10-r0
  • L
Uncontrolled Memory Allocation

<12.2.10-r0
  • L
GHSA-h6c8-cww8-35hf

<12.2.10-r0
  • L
CVE-2026-33815

<12.2.10-r0
  • L
Integer Overflow or Wraparound

<12.2.10-r0
  • L
Allocation of Resources Without Limits or Throttling

<12.2.10-r0
  • L
GHSA-497x-rrr9-68jp

<12.2.10-r0
  • L
GHSA-m9x8-m34x-fj9q

<12.2.10-r0
  • L
GHSA-78h2-9frx-2jm8

<12.2.10-r0
  • L
GHSA-9jj7-4m8r-rfcm

<12.2.10-r0
  • L
GHSA-w2q5-6q6x-x959

<12.2.10-r0
  • L
Allocation of Resources Without Limits or Throttling

<12.2.10-r0
  • L
GHSA-jppx-rxg9-jmrx

<12.2.10-r0
  • L
GHSA-4279-q6mj-392r

<12.2.10-r0
  • C
Improper Input Validation

<12.2.10-r0
  • L
Improper Restriction of Rendered UI Layers or Frames

<12.2.10-r0
  • L
GHSA-7f33-f4f5-xwgw

<12.2.8-r0
  • L
Use of a Broken or Risky Cryptographic Algorithm

<12.2.8-r0
  • L
GHSA-f5pg-7wfw-84q9

<12.2.8-r0
  • M
Use of a Broken or Risky Cryptographic Algorithm

<12.2.8-r0
  • L
GHSA-qf3q-3h68-mmh2

<12.2.8-r0
  • L
CVE-2026-39825

<12.2.8-r0
  • L
GHSA-xq5j-9r39-c3vf

<12.2.8-r0
  • L
GHSA-5m4p-2gjx-p2g8

<12.2.8-r0
  • M
Link Following

<12.2.8-r0
  • L
GHSA-8g2r-hhvj-mv99

<12.2.8-r0
  • H
NULL Pointer Dereference

<12.2.8-r0
  • L
GHSA-p9h5-jm8x-mjm5

<12.2.8-r0
  • L
GHSA-2283-wf8c-rw8r

<12.2.8-r0
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<12.2.8-r0
  • L
CVE-2026-42499

<12.2.8-r0
  • L
GHSA-h74g-238j-357m

<12.2.8-r0
  • M
Out-of-bounds Write

<12.2.8-r0
  • L
GHSA-3v2c-x6q9-f697

<12.2.8-r0
  • H
Allocation of Resources Without Limits or Throttling

<12.2.8-r0
  • L
Improper Encoding or Escaping of Output

<12.2.8-r0
  • H
Double Free

<12.2.8-r0
  • L
GHSA-qc64-m6c2-v4x7

<12.2.8-r0
  • L
Cross-site Scripting (XSS)

<12.2.8-r0
  • L
GHSA-497x-jcxf-m478

<12.2.8-r0
  • L
CVE-2026-42501

<12.2.8-r0
  • L
GHSA-6jwv-w5xf-7j27

<12.2.8-r0
  • L
CVE-2026-33817

<12.2.8-r0
  • L
Improper Validation of Array Index

<12.2.8-r0
  • L
GHSA-9h8m-3fm2-qjrq

<12.2.8-r0
  • L
GHSA-p77j-4mvh-x3m3

<12.2.8-r0
  • L
GHSA-q9hv-hpm4-hj6x

<12.2.8-r0
  • L
Improper Verification of Cryptographic Signature

<12.2.8-r0
  • L
GHSA-6g7g-w4f8-9c9x

<12.2.8-r0
  • L
GHSA-479m-364c-43vc

<12.2.8-r0
  • L
Untrusted Search Path

<12.2.8-r0
  • L
Improper Authorization

<12.2.8-r0
  • C
CVE-2026-1229

<12.2.8-r0