Skip to content

#grafana

2 articles

Security Alerts Apr 15, 2026

CVE-2025-41118: Data handling vulnerability in Grafana Pyroscope

Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is configured to use Tencent C...

Security Alerts Mar 5, 2026

CVE-2026-27876: Remote code execution in Grafana

A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always ...