Tag

Sqlexpression

1 brief RSS

Grafana Enterprise Plugin SQL Expression RCE via CVE-2026-27876

A chained attack leveraging SQL Expressions and a Grafana Enterprise plugin, tracked as CVE-2026-27876, can lead to remote arbitrary code execution on vulnerable Grafana instances with the sqlExpressions feature enabled.

grafana rce sqlexpression

2r 2t 2i Mar 27, 2026