24 matches found
CVE-2026-28376
A flaw was found in Grafana Live. An authenticated user with access to the Grafana Live API can exploit the push endpoint by sending a large or streaming request body. This can lead to unbounded memory allocation, potentially causing out-of-memory conditions and resulting in a Denial of Service D...
CVE-2026-28379
A flaw was found in Grafana Live, where a race condition allows authenticated users with a Viewer role to trigger a server crash. By sending concurrent requests, these users can cause a fatal map access error, leading to complete service unavailability Denial of Service. This requires a restart o...
Linux Distros Unpatched Vulnerability : CVE-2026-28379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map...
Linux Distros Unpatched Vulnerability : CVE-2026-28376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to...
BIT-GRAFANA-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
BIT-GRAFANA-2026-28376 Grafana Live push endpoint allows unbounded memory allocation leading to OOM
The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...
SUSE CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
EUVD-2026-30138
The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...
EUVD-2026-30139
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28376
The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
UBUNTU-CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
UBUNTU-CVE-2026-28376
The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...
CVE-2026-28376 Grafana Live push endpoint allows unbounded memory allocation leading to OOM
The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...
CVE-2026-28376
CVE-2026-28376 affects the Grafana Live push endpoint. An authenticated user with access to the Grafana Live API can trigger unbounded memory allocation by sending a large or streaming request body, potentially causing out-of-memory conditions. The available documents describe the vulnerable comp...
CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
Use of a Non-reentrant Function in a Concurrent Context
Overview Affected versions of this package are vulnerable to Use of a Non-reentrant Function in a Concurrent Context via a race condition in the Grafana Live process. An attacker can cause the server to crash and become unavailable by sending concurrent requests as an authenticated user with View...
CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...