[Git][security-tracker-team/security-tracker][master] Add new grafana issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 28 12:57:27 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1bd81e07 by Salvatore Bonaccorso at 2026-03-28T13:57:00+01:00
Add new grafana issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -544,7 +544,7 @@ CVE-2026-28788 (Open WebUI is a self-hosted artificial intelligence platform des
 CVE-2026-28786 (Open WebUI is a self-hosted artificial intelligence platform designed  ...)
 	NOT-FOR-US: Open WebUI
 CVE-2026-28375 (A testdata data-source can be used to trigger out-of-memory crashes in ...)
-	TODO: check
+	- grafana <removed>
 CVE-2026-28369 (A flaw was found in Undertow. When Undertow receives an HTTP request w ...)
 	TODO: check
 CVE-2026-28368 (A flaw was found in Undertow. This vulnerability allows a remote attac ...)
@@ -552,11 +552,11 @@ CVE-2026-28368 (A flaw was found in Undertow. This vulnerability allows a remote
 CVE-2026-28367 (A flaw was found in Undertow. A remote attacker can exploit this vulne ...)
 	TODO: check
 CVE-2026-27880 (The OpenFeature feature toggle evaluation endpoint reads unbounded val ...)
-	TODO: check
+	- grafana <removed>
 CVE-2026-27879 (A resample query can be used to trigger out-of-memory crashes in Grafa ...)
-	TODO: check
+	- grafana <removed>
 CVE-2026-27877 (When using public dashboards and direct data-sources, all direct data- ...)
-	TODO: check
+	- grafana <removed>
 CVE-2026-27876 (A chained attack via SQL Expressions and a Grafana Enterprise plugin c ...)
 	TODO: check
 CVE-2026-27650 (OS Command Injection vulnerability exists in BUFFALO Wi-Fi router prod ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bd81e072a76712b05cbdbc421441ec03cb26774

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1bd81e072a76712b05cbdbc421441ec03cb26774
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260328/c5c3e7b8/attachment.htm>

More information about the debian-security-tracker-commits mailing list