CVE-2026-28375

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-28375
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://grafana.com/security/security-advisories/cve-2026-28375 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*
History

31 Mar 2026, 18:15

Type Values Removed Values Added
References () https://grafana.com/security/security-advisories/cve-2026-28375 - () https://grafana.com/security/security-advisories/cve-2026-28375 - Vendor Advisory
First Time Grafana
Grafana grafana
CPE cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*

31 Mar 2026, 16:16

Type Values Removed Values Added
CWE CWE-400

27 Mar 2026, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-27 15:16

Updated : 2026-03-31 18:15

NVD link : CVE-2026-28375

Mitre link : CVE-2026-28375

CVE.ORG link : CVE-2026-28375

JSON object : View

Products Affected

grafana

  • grafana
CWE
CWE-400

Uncontrolled Resource Consumption