Known Vulnerabilities for Grafana by Vendor
Listed below are 8 of the newest known vulnerabilities associated with "Grafana" by "Vendor".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33375 json | The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restricti... | Not Provided | 2026-03-26 | 2026-03-27 |
| CVE-2026-28377 json | A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potent... | Not Provided | 2026-03-26 | 2026-03-27 |
| CVE-2026-28375 json | A testdata data-source can be used to trigger out-of-memory crashes in Grafana. | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-27879 json | A resample query can be used to trigger out-of-memory crashes in Grafana. | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-27876 json | A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RC... | Not Provided | 2026-03-27 | 2026-04-02 |
| CVE-2026-21727 json | --- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.... | Not Provided | 2026-04-15 | 2026-04-20 |
| CVE-2026-21724 json | A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allow... | Not Provided | 2026-03-26 | 2026-04-09 |
| CVE-2025-12141 json | In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions “alert.notifica... | Not Provided | 2026-04-15 | 2026-04-15 |