The current version of Grafana is 13.1.0 (as of 01/07/2026).
Grafana
Grafana Labs · current 13.1.0
Actively exploited vulnerabilities
The US cybersecurity agency CISA lists these vulnerabilities in its catalog of Known Exploited Vulnerabilities. Check your version and patch or mitigate promptly.
- CVE-2021-39226Grafana Authentication Bypass Vulnerability
- CVE-2021-43798Grafana Path Traversal Vulnerability
Source: CISA KEV. The CVE is matched to the product automatically — when in doubt, the linked NVD entry applies.
Grafana at a glance
Grafana is the de-facto standard for observability dashboards, visualizing metrics, logs and traces from many data sources. Grafana Labs ships frequent releases plus security fixes; as a dashboard often reachable from the network and holding data-source credentials, it deserves prompt updates.
For admins updates are usually straightforward (swap the binary/container); larger jumps can bring configuration and plugin changes — read the upgrade notes and back up the database first. Plugins have their own cycles. Grafana belongs behind authentication (ideally SSO) and off the open internet, since a dashboard can expose a lot about the infrastructure and its data sources. Several Grafana advisories concerned authentication and data-source proxying, so apply security releases promptly. Track the version and its support status.
Support cycles (endoflife.date)
| Cycle | Latest version | Status |
|---|---|---|
| 13.1 | 13.1.0 | EOL 20 Mar 27 |
| 13.0 | 13.0.3 | EOL 9 Jan 27 |
| 12.4 | 12.4.5 | EOL 24 May 27 |
| 12.3 | 12.3.8 | EOL in 40 days |
| 12.2 | 12.2.10 | End of Life |
| 12.1 | 12.1.10+security-01 | End of Life |
| 12.0 | 12.0.10 | End of Life |
| 11.6 | 11.6.16 | End of Life |
Release history · as detected by patchletter
| Version | Channel | Date | Notes |
|---|---|---|---|
| 13.1.0 | STABLE | 01/07/2026 | Release notes → |
Never miss a Grafana update
We check the source daily and email you — instantly or as a digest. Free, one-click unsubscribe.
Watch Grafana