
Release history

grafana releases

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.


v12.3.6+security-04 Security relevant
⚠ Upgrade required
  • Alertmanager config updates no longer error when autogenerated receivers are present.
Security fixes
  • CVE-2026-28374
  • CVE-2026-28376
  • CVE-2026-28383

Bug fixes

  • Alerting: Fix error when updating Alertmanager config with autogenerated receivers #113712, @moustafab
  • Security: CVE-2026-28374
  • Security: CVE-2026-28376
  • Security: CVE-2026-28383
  • Security: CVE-2026-28380
  • Security: CVE-2026-33376
  • Security: CVE-2026-28379
  • Security: CVE-2026-33377
  • Security: CVE-2026-33378
  • Security: CVE-2026-33381
  • Security: CVE-2026-33380
v12.4.3+security-02 Security relevant
Security fixes
  • CVE-2026-28374
  • CVE-2026-28376
  • CVE-2026-28383

  • Security: CVE-2026-28374
  • Security: CVE-2026-28376
  • Security: CVE-2026-28383
  • Security: CVE-2026-28380
  • Security: CVE-2026-33376
  • Security: CVE-2026-28379
  • Security: CVE-2026-33377
  • Security: CVE-2026-33378
  • Security: CVE-2026-33381
  • Security: CVE-2026-33380
No immediate action
v12.2.8+security-04 Security relevant

Security patches across supported versions.

No immediate action
v11.6.14+security-04 Security relevant

Security fixes

v13.0.1+security-01 Security relevant
Security fixes
  • CVE-2026-28374
  • CVE-2026-28376
  • CVE-2026-28383

  • Security: CVE-2026-28374
  • Security: CVE-2026-28376
  • Security: CVE-2026-28383
  • Security: CVE-2026-28380
  • Security: CVE-2026-33376
  • Security: CVE-2026-28379
  • Security: CVE-2026-33377
  • Security: CVE-2026-33378
  • Security: CVE-2026-33381
  • Security: CVE-2026-33380
v13.0.1 Mixed
Notable features
  • Preserve timezone user-preference when converting V1 → V2 dashboards
  • Include dashboard validation errors in pull request comments

v13.0.0 Breaking risk
Breaking changes
  • Legacy APIs made internal only
  • Legacy notification permission actions deprecated
  • Provisioning alert rule endpoints deprecated
Security fixes
  • CVE-2026-27876
  • CVE-2026-27877
  • CVE-2026-28375
Notable features
  • Colorblind-safe color palette for visualizations
  • Alert Activity page with notification history and instance details
  • Silence view page for managing alert silences
v12.3.6 Security relevant
Security fixes
  • CVE-2026-27876
  • CVE-2026-27877
  • CVE-2026-28375
Notable features
  • CRUD operation protection for public dashboards across organizations
v12.4.2 Security relevant
Security fixes
  • CVE-2026-27876
  • CVE-2026-27877
  • CVE-2026-28375
Notable features
  • AWS SDK credential forwarding to plugins
  • CRUD protection for public dashboards across organizations
  • Accessibility improvements for dashboards
v12.2.7 Maintenance
Notable features
  • Custom CA certificate support in Image Renderer
  • Go 1.25.8 update
v12.3.5 Maintenance
Notable features
  • Custom CA certificate support in Image Renderer
  • Go runtime updated to 1.25.8
v12.4.1 New feature
Notable features
  • Added custom CA certificate support in Image Renderer
  • Updated Go to 1.25.8
  • Improved scope resolver cache invalidation
v12.4.0 New feature
Notable features
  • Alerting enrichment RBAC permissions
  • Saved searches for alert rules
  • Policy selector in alert rule form
v12.3.4 Bug fix

Fixed datasource variable templating in dashboard exports and resolved missing object issues in provisioning. These fixes improve the reliability of dashboard management workflows.

v12.2.6 Bug fix

Fixed datasource variable templating in dashboard exports to properly substitute configuration variables when exporting dashboards.

v12.1.8 Bug fix

Fixed datasource variable templating in dashboard exports to properly substitute configuration variables when exporting dashboards.

v12.3.3 Breaking risk
Breaking changes
  • Removed support for org_id=0 in correlations
Security fixes
  • HTML sanitization in TraceView
  • Public dashboard annotation security with timerange handling
Notable features
  • Notification template size limits
  • TraceView HTML sanitization
  • Public dashboard annotation security
v11.6.11 Breaking risk
Breaking changes
  • Removed support for org_id=0 in correlations
Security fixes
  • Public dashboard annotation security improvement
Notable features
  • Notification template size limits
  • Enhanced public dashboard annotation security
v12.0.10 Security relevant
Security fixes
  • Public dashboards annotations: use dashboard timerange if time selection disabled
v12.1.7 Breaking risk
Breaking changes
  • Removed support for org_id=0 in correlations
Security fixes
  • Public dashboards annotations: use dashboard timerange if time selection disabled
Notable features
  • Notification template size limits
v12.2.5 Breaking risk
Breaking changes
  • Removed support for org_id=0 in correlations
Security fixes
  • Public dashboards annotations: use dashboard timerange if time selection disabled
  • TraceView: Sanitized HTML to prevent XSS
v12.3.2+security-01 Maintenance

Security patches applied to Grafana. Update recommended.

v12.2.4+security-01 Maintenance

Security patches applied to Grafana. Update recommended.

v12.1.6+security-01 Maintenance

Security patches applied to Grafana. Update recommended.

v11.6.10+security-01 Maintenance

Security patches applied to Grafana. Update recommended.

v12.3.2 Bug fix
Notable features
  • API scope validation on dashboards
  • Avatar improvements
  • Explore legend reset
v12.2.4 New feature
Notable features
  • API scope validation on dashboards
  • Avatar sign-in and timeout handling
  • Explore legend reset on new queries
v12.1.6 Mixed

Added a missing scope check on dashboards API, updated Go to 1.25.6, and fixed a race condition panic in Alerting ResetStateByRuleUID. Avatar functionality now requires sign-in, removes the queue, and respects timeout. Relevant to administrators managing dashboard permissions, alert rule configuration, and Go runtime dependencies.
