Medium severity6.5NVD Advisory· Published Mar 27, 2026· Updated Mar 31, 2026
CVE-2026-28375
CVE-2026-28375
Description
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
25- osv-coords23 versionspkg:apk/chainguard/grafana-11.6pkg:apk/chainguard/grafana-12.1pkg:apk/chainguard/grafana-12.2pkg:apk/chainguard/grafana-12.3pkg:apk/chainguard/grafana-fips-11.6pkg:apk/chainguard/grafana-fips-12.1pkg:apk/chainguard/grafana-fips-12.2pkg:apk/chainguard/grafana-fips-12.3pkg:apk/wolfi/grafana-11.6pkg:apk/wolfi/grafana-12.1pkg:apk/wolfi/grafana-12.2pkg:apk/wolfi/grafana-12.3pkg:bitnami/grafanapkg:rpm/opensuse/grafana&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/grafana&distro=openSUSE%20Tumbleweedpkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/grafana&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/prometheus-blackbox_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15pkg:rpm/suse/uyuni-tools&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5
< 0+ 22 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 11.6.14-r2
- (no CPE)range: < 12.1.10.01-r0
- (no CPE)range: < 12.2.8.01-r0
- (no CPE)range: < 12.3.6.01-r0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: >= 8.1.0, < 11.6.14
- (no CPE)range: < 11.6.14+security04-bp160.1.1
- (no CPE)range: < 11.6.14+security01-1.1
- (no CPE)range: < 1.0.10-150002.3.6.1
- (no CPE)range: < 3.5.0-150002.3.8.1
- (no CPE)range: < 11.6.14+security01-150002.4.14.1
- (no CPE)range: < 0.26.0-150002.3.6.1
- (no CPE)range: < 0.26.0-150002.3.6.1
- (no CPE)range: < 5.1.13-150002.3.9.3
- (no CPE)range: < 5.1.26-150002.3.12.1
- (no CPE)range: < 5.1.26-150002.3.12.1
Patches
Vulnerability mechanics
References
1- grafana.com/security/security-advisories/cve-2026-28375nvdVendor Advisory
News mentions
0No linked articles in our index yet.