4 matches found
CVE-2026-27876 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876
Grafana (OSS) is affected when the sqlExpressions feature toggle is enabled, enabling a chained attack against a Grafana Enterprise plugin that can lead to remote arbitrary code execution (RCE). Affected ranges and fixes are: 11.6.0–11.6.14 (fix in 11.6.14); 12.0.0–12.1.10 (fix in 12.1.10; 12.0 i...