Grafana v13.0.2 released on 09-06-2026

Grafana v13.0.2 is out now. It addresses a set of security vulnerabilities (CVE-2026-9029, CVE-2026-33382, CVE-2026-42127, CVE-2026-42129, CVE-2026-10601, CVE-2026-8609, CVE-2026-8595) and includes provisioning, Git integration, runtime and UX fixes, so operators and users should upgrade promptly to remediate known issues.
Download and full notes are available from the Grafana download page and the What’s new highlights: Download page · What’s new highlights
What’s in this release
- Security fixes for CVE-2026-9029, CVE-2026-33382, CVE-2026-42127, CVE-2026-42129, CVE-2026-10601, CVE-2026-8609 and CVE-2026-8595.
- Provisioning and Git improvements: repository uniqueness is now scoped by (URL, branch, path); git pushes negotiate receive-pack capabilities; per-verb fallback added for the files subresource; folders no longer marked pending because of _folder.json metadata; ruleset bypass respected for write workflow validation; folder UID-too-long and other 4xx validation errors surfaced as sync warnings; nanogit bumped to v0.17.0; public_root_url instance setting added; Alpine-based Docker images bumped to 3.23.4 and Go updated to 1.26.3.
- Dashboard, homepage and data-source fixes: provisioned save shows Kubernetes format; homepage can load v2 dashboards from files; LibraryPanels return 403 for insufficient permissions instead of 500; k8s dashboards permission check fixed to use dashboards:create; fixes for Mixed panels on time-range changes, Jaeger trace view timestamp conversion, PostgreSQL EXPLAIN results and a quick Enterprise RBAC global datasource permissions fix.
Upgrade notes
- Upgrade is recommended immediately to address the listed CVEs — obtain the release from the Grafana download page: https://grafana.com/grafana/download/13.0.2.
- No breaking changes are listed in the release notes; if a rollback is required, revert to your previous release using your normal downgrade procedure and files available from the download page.
Share comments on your upgrade experience or any issues you encounter on the project’s GitHub issues or community channels.


