Grafana v12.4.2 released on 25-03-2026
Grafana v12.4.2 is out now. It brings accessibility and dashboard UX improvements, fixes plugin runtime and installer behaviour, and addresses several security vulnerabilities.
For full downloads and the detailed changelog, see the official Grafana download page and what’s-new notes: Download page · What’s new highlights.
What’s in this release
- Accessibility and dashboard UX: improved voice-over support in the Analytics tab (Enterprise), prevent the time‑zone menu opening on focus, resolve display names by identity in dashboard version history, and block unintended CRUD operations on public dashboards originating from other organisations.
- Plugin runtime and installer fixes: forwards AWS SDK credential-chain environment variables to external AWS plugins, forwards PLUGIN_UNIX_SOCKET_DIR into plugin processes for restricted environments, and corrects the plugin installer IsDisabled condition.
- Security and reliability fixes: makes dashboard loading robust against NULL team_member.external values in IAM data and fixes multiple CVEs (CVE-2026-27876, CVE-2026-27877, CVE-2026-28375, CVE-2026-27879, CVE-2026-27880).
Upgrade notes
- Apply the update to affected installations to receive the CVE fixes listed above; use the Grafana download page for official builds and instructions.
- If you run external plugins or operate in restricted environments, verify that AWS credential-chain variables and PLUGIN_UNIX_SOCKET_DIR are correctly passed through after upgrading; if issues arise, follow your normal rollback procedures and check plugin environment handling.
Please share any feedback or problems you encounter when upgrading so others can learn from your experience.