CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

136 matches found

RedhatCVE•added 2026/05/27 8:45 a.m.•3 views

CVE-2026-28379

A flaw was found in Grafana Live, where a race condition allows authenticated users with a Viewer role to trigger a server crash. By sending concurrent requests, these users can cause a fatal map access error, leading to complete service unavailability Denial of Service. This requires a restart o...

6.5CVSS5.7AI score0.00013EPSS

Exploits0References4

Tenable Nessus•added 2026/05/27 12:0 a.m.•5 views

FreeBSD : Grafana -- Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS (9bcc3279-5901-11f1-b525-3c7c3fba4204)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9bcc3279-5901-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-33375 reports: The Grafana MSSQL data source...

6.5CVSS5.8AI score0.00029EPSS

Exploits0References3

OSV•added 2026/05/15 8:42 a.m.•1 views

BIT-GRAFANA-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash

A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...

6.5CVSS5.8AI score0.00013EPSS

Exploits0References2

EUVD•added 2026/05/13 9:32 p.m.•3 views

EUVD-2026-30139

6.5CVSS5.8AI score0.00013EPSS

Exploits0References2

OSV•added 2026/05/13 8:16 p.m.•2 views

UBUNTU-CVE-2026-28379

6.5CVSS5.8AI score0.00013EPSS

Exploits0References3

UbuntuCve•added 2026/05/13 8:16 p.m.•4 views

CVE-2026-28379

6.5CVSS5.8AI score0.00013EPSS

Exploits0References2

CVE•added 2026/05/13 7:28 p.m.•12 views

CVE-2026-28379

Grafana Live contains a race condition that can be triggered by authenticated users with the Viewer role. Concurrent requests lead to a fatal map access error, causing complete Grafana server unavailability and requiring a restart. Public details are limited to the description; no explicit exploi...

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/05/13 7:28 p.m.•25 views

CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash

6.5CVSS0.00013EPSS

Exploits0References1

AlpineLinux•added 2026/05/13 7:28 p.m.•2 views

CVE-2026-28379

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1

Vulnrichment•added 2026/05/13 7:28 p.m.•2 views

CVE-2026-28379 Viewer-triggered race condition in Grafana Live leads to complete server crash

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1

CNNVD•added 2026/05/13 12:0 a.m.•4 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from a race condition in Live. This condition may allow authenticated users with the Viewer role to trigger a fatal mapping access error by sending concurrent...

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1

Grafana•added 2026/05/13 12:0 a.m.•3 views

Viewer-triggered race condition in Grafana Live leads to complete server crash

6.5CVSS5.8AI score0.00013EPSS

Exploits0

OSV•added 2026/04/13 5:38 a.m.•2 views

BIT-AIRFLOW-2026-34538 Apache Airflow: Authorization bypass in DagRun wait endpoint (XCom exposure)

Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security mode...

6.5CVSS6AI score0.00018EPSS

Exploits0References4