15 matches found
FreeBSD : Grafana -- RCE on Grafana via sqlExpressions (f45ad940-58ff-11f1-b525-3c7c3fba4204)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f45ad940-58ff-11f1-b525-3c7c3fba4204 advisory. https://grafana.com/security/security-advisories/cve-2026-27876 reports: A chained attack via SQL...
BIT-GRAFANA-2026-27876 RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
SUSE CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
Linux Distros Unpatched Vulnerability : CVE-2026-27876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in...
CVE-2026-27876
A flaw was found in Grafana and the Grafana Enterprise plugin. A remote attacker could exploit a chained attack involving SQL Expressions and the Grafana Enterprise plugin to achieve remote arbitrary code execution. This vulnerability is present in instances where the sqlExpressions feature toggl...
CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
UBUNTU-CVE-2026-27876
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876 RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876 RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
CVE-2026-27876
Grafana (OSS) is affected when the sqlExpressions feature toggle is enabled, enabling a chained attack against a Grafana Enterprise plugin that can lead to remote arbitrary code execution (RCE). Affected ranges and fixes are: 11.6.0–11.6.14 (fix in 11.6.14); 12.0.0–12.1.10 (fix in 12.1.10; 12.0 i...
Grafana -- RCE on Grafana via sqlExpressions
https://grafana.com/security/security-advisories/cve-2026-27876 reports: A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avo...
PT-2026-28369
Name of the Vulnerable Software and Affected Versions: Grafana versions 11.6.0 through 11.6.14, 12.0.0 through 12.1.10, 12.2.0 through 12.2.8, 12.3.0 through 12.3.6, and 12.4.0 through 12.4.2. Description: A chained attack involving SQL Expressions and a Grafana Enterprise plugin can lead to remo...
CVE-2019-1003085
A missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...