CVE-2026-27879:
Grafana vulnerability analysis and mitigation

A resample query can be used to trigger out-of-memory crashes in Grafana.

Source: NVD

Not a customer? See how Wiz maps CVEs like this one to real cloud attack paths.

Score

Published March 27, 2026

Severity MEDIUM

CNA Score 6.5

Affected Technologies

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 3.3

Exploitation Probability (EPSS) N/A

Affected packages and libraries

Sources

Chainguard
- Chainguard Has FixAdded at: Mar 29, 2026
Homebrew
- Homebrew Severity MEDIUMHas FixAdded at: Apr 05, 2026
Nix
- Nix Severity MEDIUMHas FixAdded at: Apr 05, 2026
Red Hat Errata
- Red Hat 8, 9, 10 Severity MEDIUMNo FixAdded at: Mar 29, 2026
VulnCheck NVD++
- Linux Severity MEDIUMHas FixAdded at: Mar 29, 2026
- Windows Severity MEDIUMHas FixAdded at: Mar 29, 2026
Wolfi
- Wolfi Has FixAdded at: Mar 29, 2026
NVD
- Linux Severity MEDIUMHas FixAdded at: Apr 05, 2026
- Windows Severity MEDIUMHas FixAdded at: Apr 05, 2026

Get a CVE risk assessment

Get a prioritized view of CVEs in your cloud—so you can focus on what's exploitable, not just what's listed.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-40175	CRITICAL	10	JavaScript	grafana-prometheus	No	Yes	Apr 10, 2026
CVE-2025-62718	CRITICAL	9.3	JavaScript	grafana-postgres	No	Yes	Apr 09, 2026
CVE-2026-28291	HIGH	8.1	JavaScript	grafana-postgres	No	Yes	Apr 13, 2026
CVE-2026-33810	HIGH	7.5	cAdvisor	flux-source-watcher	No	Yes	Apr 08, 2026
CVE-2026-39865	MEDIUM	5.9	JavaScript	node-axios	No	Yes	Apr 08, 2026