Grafana Labs has released new versions 9.5.3, 9.4.12, 9.3.15, 9.2.19, and 8.5.26 to address security vulnerabilities CVE-2023-2183, which involves broken access control allowing a Viewer role to send test alerts, and CVE-2023-2801, a data source query vulnerability that can crash a Grafana instance. The patches have been applied to Grafana Cloud, and major cloud providers like Amazon and Azure have ensured their versions are secure. The CVE-2023-2183 vulnerability has a medium severity score of 4.1, while CVE-2023-2801 is considered high with a score of 7.5 when public dashboards are enabled. To mitigate these vulnerabilities, users are advised to upgrade their Grafana instances and apply specific patches to prevent mixed query concurrent calls. Grafana encourages reporting security issues via their dedicated email, where security vulnerabilities are to be encrypted with their PGP key for privacy.