Company
Date Published
Author
Leandro Deveikis
Word count
766
Language
English
Hacker News points
None

Summary

Grafana recently addressed a medium-severity security vulnerability, CVE-2024-9476, in the Grafana Cloud Migration Assistant, a feature available in public preview from version 11.2.0. The vulnerability allowed unauthorized access to resources across different organizations within the same Grafana instance, and it affects users of the Organizations feature. Grafana has released patched versions 11.3.0+security-01 and 11.2.3+security-01 to fix the issue and urges users to upgrade promptly. The vulnerability was discovered during internal testing, and immediate steps were taken to disable the problematic feature, which has since been re-enabled following the application of security patches. Grafana Labs encourages users to report security issues through its dedicated page and provides detailed timelines and post-incident reviews to ensure transparency.