Loading market data...
← Back to CVE feed

CVE-2026-33382

HIGH CVSS 7.5 View on NVD ↗

Description

Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory allocation, potentially exhausting memory and causing a denial of service.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published: Jul 10, 2026 16:16 UTC Modified: Jul 10, 2026 18:01 UTC