CVE-2026-27879
Received
Received - Intake
Out-of-Memory Crash via Resample Query in Grafana
Publication date: 2026-03-27
Last updated on: 2026-03-31
Assigner: Grafana Labs
Description
Description
A resample query can be used to trigger out-of-memory crashes in Grafana.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| grafana | grafana | From 11.6.14 (inc) to 12.0.0 (exc) |
| grafana | grafana | From 12.1.10 (inc) to 12.2.0 (exc) |
| grafana | grafana | From 12.2.8 (inc) to 12.3.0 (exc) |
| grafana | grafana | From 12.3.6 (inc) to 12.4.0 (exc) |
| grafana | grafana | to 8.0.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-400 | The product does not properly control the allocation and maintenance of a limited resource. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a resample query in Grafana that can be exploited to cause out-of-memory crashes.
How can this vulnerability impact me? :
The vulnerability can lead to out-of-memory crashes in Grafana, which may cause denial of service by making the application unavailable or unstable.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70