PT-2026-28372 · Grafana+1 · Grafana+1

Osidb Bzimport

·

Published

2026-03-27

·

Updated

2026-06-05

·

CVE-2026-27880

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Grafana versions (affected versions not specified)
Description The OpenFeature feature toggle evaluation endpoint has a flaw where it reads input data without limits, potentially leading to out-of-memory crashes. The issue involves reading unbounded values into memory. The vulnerable component is the evaluation API. The API endpoint involved is the feature toggle evaluation endpoint. The input data is read into memory without any bounds checking.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Corruption

Out of bounds Read

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-08993
BIT-GRAFANA-2026-27880
CVE-2026-27880

Affected Products

Grafana
Red Os