{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27879", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2026-02-24T14:30:17.727Z", "datePublished": "2026-03-27T14:28:56.133Z", "dateUpdated": "2026-05-13T19:28:38.490Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2026-05-13T19:28:38.490Z"}, "datePublic": "2026-03-27T14:26:32.584Z", "title": "Query resampling can cause unbounded memory allocations", "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "affected": [{"vendor": "Grafana", "product": "Grafana", "platforms": ["Cloud", "OnPrem"], "defaultStatus": "unaffected", "versions": [{"version": "8.0.0", "status": "affected", "versionType": "semver", "lessThan": "11.6.14"}, {"version": "12.0.0", "status": "affected", "versionType": "semver", "lessThan": "12.1.10"}, {"version": "12.2.0", "status": "affected", "versionType": "semver", "lessThan": "12.2.8"}, {"version": "12.3.0", "status": "affected", "versionType": "semver", "lessThan": "12.3.6"}, {"version": "12.4.0", "status": "affected", "versionType": "semver", "lessThan": "12.4.2"}]}], "references": [{"url": "https://grafana.com/security/security-advisories/cve-2026-27879", "tags": ["vendor-advisory"]}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"discovery": "INTERNAL_FINDING"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T15:02:56.347770Z", "id": "CVE-2026-27879", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:02:59.478Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T15:02:56.347770Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:02:52.661Z"}}], "cna": {"title": "Query resampling can cause unbounded memory allocations", "source": {"discovery": "INTERNAL_FINDING"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "affected": [{"vendor": "Grafana", "product": "Grafana", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "11.6.14", "versionType": "semver"}, {"status": "affected", "version": "12.0.0", "lessThan": "12.1.10", "versionType": "semver"}, {"status": "affected", "version": "12.2.0", "lessThan": "12.2.8", "versionType": "semver"}, {"status": "affected", "version": "12.3.0", "lessThan": "12.3.6", "versionType": "semver"}, {"status": "affected", "version": "12.4.0", "lessThan": "12.4.2", "versionType": "semver"}], "platforms": ["Cloud", "OnPrem"], "defaultStatus": "unaffected"}], "datePublic": "2026-03-27T14:26:32.584Z", "references": [{"url": "https://grafana.com/security/security-advisories/cve-2026-27879", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2026-05-13T19:28:38.490Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27879", "state": "PUBLISHED", "dateUpdated": "2026-05-13T19:28:38.490Z", "dateReserved": "2026-02-24T14:30:17.727Z", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "datePublished": "2026-03-27T14:28:56.133Z", "assignerShortName": "GRAFANA"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B51404F-9207-4B3D-B9A8-5D7A4CC69C82", "versionEndExcluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "5845D5E9-8631-4F0B-B100-24DCDE4C8C1F", "versionEndExcluding": "12.0.0", "versionStartIncluding": "11.6.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE3F977F-FF94-4A15-918C-54241EC49560", "versionEndExcluding": "12.2.0", "versionStartIncluding": "12.1.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB499815-0B44-4BF9-AB14-F7272EF0173F", "versionEndExcluding": "12.3.0", "versionStartIncluding": "12.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F2B145A-24E0-4C0F-BF82-FFD2B1301B51", "versionEndExcluding": "12.4.0", "versionStartIncluding": "12.3.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "id": "CVE-2026-27879", "lastModified": "2026-03-31T18:56:31.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@grafana.com", "type": "Secondary"}]}, "published": "2026-03-27T15:16:51.187", "references": [{"source": "security@grafana.com", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2026-27879"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "Grafana: Grafana: Denial of Service via resample query", "id": "2452286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452286"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["A flaw was found in Grafana. A remote attacker with low privileges can exploit this vulnerability by sending a specially crafted resample query. This can trigger out-of-memory crashes, leading to a Denial of Service (DoS) for the affected system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-27879", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-27T14:28:56Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-27879\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27879\nhttps://grafana.com/security/security-advisories/cve-2026-27879"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": ["cloud", "onprem"], "status": "affected", "versions": {"scheme": "semver", "value": "[8.0.0,11.6.14)"}}, {"platform": ["cloud", "onprem"], "status": "affected", "versions": {"scheme": "semver", "value": "[12.0.0,12.1.10)"}}, {"platform": ["cloud", "onprem"], "status": "affected", "versions": {"scheme": "semver", "value": "[12.2.0,12.2.8)"}}, {"platform": ["cloud", "onprem"], "status": "affected", "versions": {"scheme": "semver", "value": "[12.3.0,12.3.6)"}}, {"platform": ["cloud", "onprem"], "status": "affected", "versions": {"scheme": "semver", "value": "[12.4.0,12.4.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Grafana", "source": "cna", "vendor": "Grafana"}, "product": "grafana", "vendor": "grafana"}], "analysis": {"en": {"generated_at": "2026-03-31T20:24:25.980161+00:00", "value": {"mitigation_remediation": ["Upgrade Grafana to the latest release that includes the patch for this vulnerability.", "If an immediate upgrade is not possible, restrict or sanitize resample query size or disable resample functionality until the patch is applied.", "Monitor Grafana logs for out-of-memory crashes and review system resources for abnormal usage."], "summary": {"action": "Apply Patch", "impact": "Out-of-Memory Denial of Service"}, "threat_synthesis": {"affected_systems": "The flaw resides in Grafana and affects any installed instance that processes resample queries. Version specifics are not provided, so all Grafana releases that support resample queries may be impacted until the fix is applied.", "description_and_impact": "The vulnerability allows an attacker to craft a resample query that triggers unbounded memory allocations in Grafana, causing out-of-memory crashes that deny service. The weakness maps to CWE-400 (Uncontrolled Resource Consumption), CWE-770 (Out-of-Bounds Allocation), and CWE-787 (Out-of-Bounds Write).", "risk_and_exploitability": "With a CVSS base score of 6.5 the flaw is of medium severity. An EPSS score of less than 1 percent and absence from the CISA KEV catalog suggest low current exploitation likelihood. The likely attack vector is inferred to be application-level via crafted query input, meaning an attacker who can submit resample queries could trigger the crash."}}}}, "created": "2026-03-27T20:28:30.164825+00:00", "updated": "2026-04-02T07:55:36.049523+00:00", "vendors": ["grafana", "grafana$PRODUCT$grafana"]}