Company
Date Published
Author
Richard "RichiH" Hartmann
Word count
834
Language
English
Hacker News points
None

Summary

Grafana has released versions 7.5.11 and 8.1.6 to fix CVE-2021-39226, a critical vulnerability affecting every release since 2.0.1. By requesting specific snapshot API paths, users without authorization (including unauthenticated ones) could view snapshots and, when snapshot public mode is enabled, delete them. The report was received on September 15, 2021; Grafana Cloud instances were protected first, and Grafana Enterprise customers received fixed builds under embargo ahead of the public patch releases. The issue was rated critical because it allows unauthorized access to snapshot data and can cause data loss. Users are urged to upgrade to the patched versions; where that is not immediately possible, the advisory's workaround is to block access to the affected snapshot paths, for example at a reverse proxy in front of Grafana. The vulnerability was responsibly disclosed by Tran Viet Tuan. Grafana Labs documents how to report security issues and maintains a Security Announcements section for updates on such issues.
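Deciding whether a given instance still needs the upgrade is a version-range question, and it is easy to get wrong because the fix landed in two separate release lines. The following script is an added example, not code from Grafana Labs or the original post. It encodes only what the summary states (affected from 2.0.1 onward; fixed in 7.5.11 on the 7.5 line and in 8.1.6 otherwise). Grafana's unauthenticated `GET /api/health` endpoint does return a JSON body with a `version` field; the sample body below is constructed, and the helper name `assess_health_response` is the example's own.

```python
"""Classify a Grafana version against the CVE-2021-39226 fix versions.

Added example (not Grafana Labs code). Facts used: affected since 2.0.1,
fixed in 7.5.11 (7.5 line) and 8.1.6 (8.x line), per the advisory summary.
"""
import json
import re
from typing import Tuple

AFFECTED_SINCE = (2, 0, 1)   # first affected release named in the advisory
FIXED_7_5 = (7, 5, 11)       # backported fix on the 7.5 line
FIXED_8 = (8, 1, 6)          # fix on the current line


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH' (an optional leading 'v' is tolerated).

    Pre-release/build suffixes such as '-beta1' are intentionally not
    parsed here; callers must decide how to treat them (see below).
    """
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_vulnerable(version: str) -> bool:
    """True if the numbered release is in the affected range.

    Range logic: everything from 2.0.1 up to, but excluding, 8.1.6 is
    affected, except 7.5.x builds at or above 7.5.11, which carry the
    backported fix. Releases below 2.0.1 are outside the advisory.
    """
    v = parse_version(version)
    if v < AFFECTED_SINCE:
        return False
    if v >= FIXED_8:
        return False
    if v[:2] == (7, 5) and v >= FIXED_7_5:
        return False
    return True


def assess_health_response(body: str) -> str:
    """Classify the JSON body returned by Grafana's GET /api/health.

    Pre-release builds (e.g. '8.2.0-beta1') are reported separately rather
    than guessed at, because the numeric part alone does not tell you
    whether a beta was cut before or after the fix.
    """
    version = json.loads(body)["version"]
    if "-" in version or "+" in version:
        return "pre-release: compare manually against 7.5.11 / 8.1.6"
    return "vulnerable" if is_vulnerable(version) else "fixed or unaffected"


if __name__ == "__main__":
    # Constructed sample body in the shape /api/health returns; not a real capture.
    sample = '{"commit": "0123abcd", "database": "ok", "version": "8.1.5"}'
    print(assess_health_response(sample))
```

To run this against a live instance, fetch `/api/health` with any HTTP client and pass the body to `assess_health_response`; the endpoint needs no credentials, so it is a reasonable first pass over a fleet before deciding where to apply the upgrade or the path-blocking workaround.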