Grafana · Grafana Mssql Data Source Plugin · CVE-2026-33375
**Name of the Vulnerable Software and Affected Versions**
Grafana MSSQL data source plugin (affected versions not specified)
**Description**
The Grafana MSSQL data source plugin has a logic flaw. A low-privileged user (Viewer) can bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, leading to a crash of the host container. The issue allows a user with limited privileges to cause a denial-of-service condition by exhausting system memory.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.