{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27879", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "state": "PUBLISHED", "assignerShortName": "GRAFANA", "dateReserved": "2026-02-24T14:30:17.727Z", "datePublished": "2026-03-27T14:28:56.133Z", "dateUpdated": "2026-03-31T15:02:59.478Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2026-03-27T14:28:56.133Z"}, "datePublic": "2026-03-27T14:26:32.584Z", "title": "Query resampling can cause unbounded memory allocations", "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "affected": [{"vendor": "Grafana", "product": "Grafana", "platforms": ["Cloud", "OnPrem"], "defaultStatus": "unaffected", "versions": [{"version": "v8.0.0", "status": "affected", "versionType": "semver", "lessThan": "v11.6.14"}, {"version": "v12.0.0", "status": "affected", "versionType": "semver", "lessThan": "v12.1.10"}, {"version": "v12.2.0", "status": "affected", "versionType": "semver", "lessThan": "v12.2.8"}, {"version": "v12.3.0", "status": "affected", "versionType": "semver", "lessThan": "v12.3.6"}, {"version": "v12.4.0", "status": "affected", "versionType": "semver", "lessThan": "v12.4.2"}]}], "references": [{"url": "https://grafana.com/security/security-advisories/cve-2026-27879", "tags": ["vendor-advisory"]}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "source": {"discovery": "INTERNAL_FINDING"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T15:02:56.347770Z", "id": "CVE-2026-27879", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:02:59.478Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27879", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T15:02:56.347770Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:02:52.661Z"}}], "cna": {"title": "Query resampling can cause unbounded memory allocations", "source": {"discovery": "INTERNAL_FINDING"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "affected": [{"vendor": "Grafana", "product": "Grafana", "versions": [{"status": "affected", "version": "v8.0.0", "lessThan": "v11.6.14", "versionType": "semver"}, {"status": "affected", "version": "v12.0.0", "lessThan": "v12.1.10", "versionType": "semver"}, {"status": "affected", "version": "v12.2.0", "lessThan": "v12.2.8", "versionType": "semver"}, {"status": "affected", "version": "v12.3.0", "lessThan": "v12.3.6", "versionType": "semver"}, {"status": "affected", "version": "v12.4.0", "lessThan": "v12.4.2", "versionType": "semver"}], "platforms": ["Cloud", "OnPrem"], "defaultStatus": "unaffected"}], "datePublic": "2026-03-27T14:26:32.584Z", "references": [{"url": "https://grafana.com/security/security-advisories/cve-2026-27879", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "providerMetadata": {"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "shortName": "GRAFANA", "dateUpdated": "2026-03-27T14:28:56.133Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27879", "state": "PUBLISHED", "dateUpdated": "2026-03-31T15:02:59.478Z", "dateReserved": "2026-02-24T14:30:17.727Z", "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da", "datePublished": "2026-03-27T14:28:56.133Z", "assignerShortName": "GRAFANA"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B51404F-9207-4B3D-B9A8-5D7A4CC69C82", "versionEndExcluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "5845D5E9-8631-4F0B-B100-24DCDE4C8C1F", "versionEndExcluding": "12.0.0", "versionStartIncluding": "11.6.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE3F977F-FF94-4A15-918C-54241EC49560", "versionEndExcluding": "12.2.0", "versionStartIncluding": "12.1.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB499815-0B44-4BF9-AB14-F7272EF0173F", "versionEndExcluding": "12.3.0", "versionStartIncluding": "12.2.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F2B145A-24E0-4C0F-BF82-FFD2B1301B51", "versionEndExcluding": "12.4.0", "versionStartIncluding": "12.3.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A resample query can be used to trigger out-of-memory crashes in Grafana."}], "id": "CVE-2026-27879", "lastModified": "2026-03-31T18:56:31.810", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security@grafana.com", "type": "Secondary"}]}, "published": "2026-03-27T15:16:51.187", "references": [{"source": "security@grafana.com", "tags": ["Vendor Advisory"], "url": "https://grafana.com/security/security-advisories/cve-2026-27879"}], "sourceIdentifier": "security@grafana.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "Grafana: Grafana: Denial of Service via resample query", "id": "2452286", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452286"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-770", "details": ["A flaw was found in Grafana. A remote attacker with low privileges can exploit this vulnerability by sending a specially crafted resample query. This can trigger out-of-memory crashes, leading to a Denial of Service (DoS) for the affected system."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-27879", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-27T14:28:56Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-27879\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-27879\nhttps://grafana.com/security/security-advisories/cve-2026-27879"], "threat_severity": "Moderate"}