EUVD-2026-16351Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container.
AnalysisAI
Grafana MSSQL data source plugin versions across multiple release branches contain a logic flaw enabling low-privileged Viewer users to bypass API restrictions and trigger catastrophic out-of-memory exhaustion, resulting in host container denial of service. The vulnerability affects Grafana OSS versions 11.6.0 through 12.4.0 across multiple patch branches (11.6.14+security-01, 12.1.10+security-01, 12.2.8+security-01, 12.3.6+security-01, and 12.4.2 or later) and requires only network access and valid low-privileged credentials to exploit; no public exploit code or active exploitation has been confirmed at time of analysis.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Vulnerability AssessmentAI
| Risk Assessment | The CVSS 3.1 score of 6.5 (Medium-High) reflects a network-accessible vulnerability requiring low-privilege authentication, with high availability impact but no confidentiality or integrity compromise. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with valid Grafana Viewer credentials (e.g., obtained through credential compromise or provisioned by default in a shared environment) logs into a Grafana instance and crafts a malicious request to the MSSQL plugin API that exploits the authorization bypass and triggers unbounded memory allocation during query processing. The request does not require user interaction and exploits the logic flaw to allocate progressively larger memory buffers until the host container exhausts available RAM, causing the Grafana process to be killed by the operating system's out-of-memory killer, resulting in service unavailability. … |
| Remediation | Upgrade Grafana OSS to patched versions: 11.6.14+security-01 or later (for 11.6.x branch), 12.1.10+security-01 or later (for 12.1.x branch), 12.2.8+security-01 or later (for 12.2.x branch), 12.3.6+security-01 or later (for 12.3.x branch), or 12.4.2 or later (for 12.4.x branch). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More from same product – last 7 days
Vendor StatusVendor
SUSE
Severity: Medium| Product | Status |
|---|---|
| SUSE Linux Enterprise Module for Package Hub 15 SP7 | Fixed |
| SUSE Manager Client Tools 15 | Fixed |
| SUSE Manager Client Tools for SLE 15 | Fixed |
| SUSE Multi-Linux Manager Client Tools for SLE 15 | Fixed |
| openSUSE Leap 15.6 | Fixed |
| SUSE Linux Enterprise Module for Package Hub 15 SP4 | Fixed |
| SUSE Linux Enterprise Module for Package Hub 15 SP5 | Fixed |
| SUSE Linux Enterprise Module for Package Hub 15 SP6 | Fixed |
| openSUSE Leap 15.3 | Fixed |
| openSUSE Leap 15.4 | Fixed |
| openSUSE Leap 15.5 | Fixed |
| SUSE Multi Linux Manager Tools SLE-15 | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today