Grafana has released version 9.4, introducing updates like enhanced navigation and custom visualization panels, alongside crucial security patches addressing vulnerabilities CVE-2023-0594, CVE-2023-0507, and CVE-2023-22462. These vulnerabilities involve stored XSS issues in the TraceView panel, geomap plugin, and text panel plugin, each requiring users with Editor roles to exploit. The CVSS scores indicate high to medium severity, highlighting the potential for vertical privilege escalation if malicious JavaScript is executed by users with elevated permissions. To mitigate these risks, users are advised to upgrade their Grafana instances or enable the Content-Security-Policy option. Grafana encourages reporting any further security issues via their security email, with a preference for encrypted messages using their PGP key.