Version 0.12.0 of the Synthetic Monitoring Agent has been released to address a high-severity vulnerability, CVE-2022-46156, which pertains to the exposure of API tokens through a debug endpoint initially enabled by default. The vulnerability, reported by a Grafana community member, has a CVSS score of 7.2, indicating significant risk for users running the agent on their local networks. Grafana Labs has responded by disabling the debug endpoint in version 0.11.2 and making further security improvements in version 0.12.0, such as allowing the use of environment variables for API tokens and setting the HTTP server to listen on localhost by default. While Grafana Labs' managed agents are not affected, users are urged to upgrade to version 0.12.0 promptly and rotate their agent tokens, reviewing their configurations to ensure secure settings. Additionally, users of previous versions should consider altering their settings to minimize exposure by configuring the HTTP listening address. Grafana encourages users to report any security issues to their dedicated email address and provides resources for further inquiries about the advisory.