CVE-2026-27879

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-27879
A resample query can be used to trigger out-of-memory crashes in Grafana.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://grafana.com/security/security-advisories/cve-2026-27879 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
History

31 Mar 2026, 18:56

Type Values Removed Values Added
CWE CWE-787
References () https://grafana.com/security/security-advisories/cve-2026-27879 - () https://grafana.com/security/security-advisories/cve-2026-27879 - Vendor Advisory
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
First Time Grafana
Grafana grafana

31 Mar 2026, 16:16

Type Values Removed Values Added
CWE CWE-400

27 Mar 2026, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-27 15:16

Updated : 2026-03-31 18:56

NVD link : CVE-2026-27879

Mitre link : CVE-2026-27879

CVE.ORG link : CVE-2026-27879

JSON object : View

Products Affected

grafana

  • grafana
CWE
CWE-787

Out-of-bounds Write

CWE-400

Uncontrolled Resource Consumption