Grafana OOM Crash via Testdata Data-Source Exploitation
CVE-2026-28375 Published on March 27, 2026

Grafana Testdata datasource can issue unbounded memory allocations
A testdata data-source can be used to trigger out-of-memory crashes in Grafana.

Vendor Advisory NVD

Products Associated with CVE-2026-28375

Want to know whenever a new CVE is published for Grafana Labs Grafana? stack.watch will email you.

Grafana Labs Grafana

Affected Versions

Grafana:

Version v8.1.0 and below v11.6.14 is affected.
Version v12.0.0 and below v12.1.10 is affected.
Version v12.2.0 and below v12.2.8 is affected.
Version v12.3.0 and below v12.3.6 is affected.
Version v12.4.0 and below v12.4.2 is affected.

Grafana OOM Crash via Testdata Data-Source ExploitationCVE-2026-28375 Published on March 27, 2026

Products Associated with CVE-2026-28375

Affected Versions

Grafana OOM Crash via Testdata Data-Source Exploitation
CVE-2026-28375 Published on March 27, 2026