FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Grafana -- Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS

Affected packages
11.6.0 <= grafana < 11.6.14
12.1.0 <= grafana < 12.1.10
12.2.0 <= grafana < 12.2.8
12.3.0 <= grafana < 12.3.6
12.4.0 <= grafana < 12.4.2

Details

VuXML ID 9bcc3279-5901-11f1-b525-3c7c3fba4204
Discovery 2026-03-26
Entry 2026-05-26

https://grafana.com/security/security-advisories/cve-2026-33375 reports:

The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container.

[source]

References

CVE Name CVE-2026-33375
URL https://cveawg.mitre.org/api/cve/CVE-2026-33375

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.