Tag

Grafana

5 briefs RSS

Grafana Multiple Vulnerabilities Leading to XSS and Information Disclosure

Multiple vulnerabilities in Grafana allow a remote, anonymous attacker to conduct a Cross-Site Scripting attack or disclose information.

Grafana xss information-disclosure cloud

2r 1t 11h ago

high advisory

Grafana Vulnerability Allows File Manipulation and Information Disclosure

2 rules 4 TTPs

A remote, authenticated attacker can exploit a vulnerability in Grafana to manipulate files and disclose sensitive information, potentially leading to persistence, unauthorized access, and significant impact.

grafana vulnerability file-manipulation information-disclosure

2r 4t 2w ago

critical advisory

Multiple Vulnerabilities in Grafana

2 rules 4 TTPs

Multiple vulnerabilities in Grafana allow a remote attacker to conduct a denial-of-service attack, execute code, or disclose information.

grafana vulnerability dos code-execution information-disclosure

2r 4t Mar 30, 2026

critical advisory

Grafana Enterprise Plugin SQL Expression RCE via CVE-2026-27876

2 rules 2 TTPs 2 IOCs

A chained attack leveraging SQL Expressions and a Grafana Enterprise plugin, tracked as CVE-2026-27876, can lead to remote arbitrary code execution on vulnerable Grafana instances with the sqlExpressions feature enabled.

grafana rce sqlexpression

2r 2t 2i Mar 27, 2026

critical advisory

Grafana Vulnerability Allows Remote Code Execution

2 rules 1 TTP

An authenticated remote attacker can exploit a vulnerability in Grafana to execute arbitrary code, potentially leading to system compromise and data exfiltration.

Grafana code-execution vulnerability

2r 1t Jul 3, 2024