Grafana v12.4.2 released on 25-03-2026
Grafana v12.4.2 is out now. Screen‑reader users, dashboard editors and administrators running plugins in restricted or multi‑tenant environments will see accessibility, dashboard UX and plugin runtime fixes that reduce friction and improve stability.
For downloads, full whats‑new details and the complete changelog, see the Grafana download page and release notes on Grafana.com.
What’s in this release
- Improved accessibility and dashboard UX: better VoiceOver support in the Analytics tab (Enterprise), dashboard focus no longer opens the time‑zone menu, and version history now resolves display names by identity.
- Plugin integration and runtime fixes: AWS SDK credential chain environment variables are forwarded to external AWS plugins, PLUGIN_UNIX_SOCKET_DIR is passed to plugin processes to avoid tmp‑dir issues, and the plugin installer’s IsDisabled check was corrected.
- IAM and cross‑org safety plus security fixes: handles NULL team_member.external to prevent dashboard loading crashes, prevents unintended CRUD on public dashboards from other organisations, and includes fixes for multiple CVEs (CVE-2026-27876, CVE-2026-27877, CVE-2026-28375, CVE-2026-27879, CVE-2026-27880).
Upgrade notes
- Security fixes address multiple CVEs; upgrade to v12.4.2 is recommended for public‑facing instances, setups that permit untrusted plugins, or multi‑tenant environments — download from the Grafana download page and consult the release notes.
- No special rollback steps are listed in the release notes; follow your usual upgrade and rollback procedures and check plugin compatibility if you need to revert.
Share comments on your upgrade experience or any odd behaviour you spot after updating — it helps the community and maintainers catch regressions sooner.