← volver
CVE-2026-33375

Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS

CVSS 6.5 MEDIUMEPSS 0.4%CWE-400
The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Grafana · Grafana OSS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://grafana.com/security/security-advisories/cve-2026-33375