Grafana has released versions 5.4.5 and 6.3.4 to address a critical security vulnerability, identified as CVE-2019-15043, which affected versions 2.0.0 to 6.3.3. This vulnerability allowed unauthorized access to parts of the Grafana HTTP API, potentially enabling denial-of-service attacks. The issue was reported on August 12, 2019, and a series of actions were taken to confirm, address, and mitigate the vulnerability, including patching Grafana Cloud instances and providing updated binaries to Grafana Enterprise customers. Users running affected versions are urged to upgrade to the latest releases to ensure security. Grafana also encourages reporting potential security vulnerabilities via its dedicated security email, with communications preferably encrypted using their PGP key. Security announcements and updates are available through their community site and RSS feed.