Lucene search
K

5 matches found

osv
osv
added 2026/04/01 8:41 a.m.8 views

BIT-GRAFANA-2026-27876 RCE on Grafana via sqlExpressions

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...

9.1CVSS6.6AI score0.01929EPSS
Exploits0References5
nessus
nessus
added 2026/03/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-27876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in...

9.1CVSS6.4AI score0.01929EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/03/27 4:48 p.m.3 views

CVE-2026-27876

A flaw was found in Grafana and the Grafana Enterprise plugin. A remote attacker could exploit a chained attack involving SQL Expressions and the Grafana Enterprise plugin to achieve remote arbitrary code execution. This vulnerability is present in instances where the sqlExpressions feature toggl...

9.1CVSS6.2AI score0.01929EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2026/03/27 3:16 p.m.4 views

CVE-2026-27876

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...

9.1CVSS6.7AI score0.01929EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/27 2:24 p.m.37 views

CVE-2026-27876 RCE on Grafana via sqlExpressions

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...

9.1CVSS0.01929EPSS
Exploits0References1
Rows per page
Query Builder