CVE-2026-28376

Same vendor

• CVE-2026-33381 — When a user's access to mint tokens for a service account is revoked, it is sometimes still possible to do so for a few seconds after the... (5.9 MEDIUM)
• CVE-2026-33380 — A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem (6.3 MEDIUM)
• CVE-2026-33378 — Using the $__timeGroup macro, one can achieve an OOM by overloading the server (6.5 MEDIUM)
• CVE-2026-33377 — An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard (7.1 HIGH)
• CVE-2026-33376 — When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses (7.4 HIGH)

Same CWE

• CVE-2026-48854 — Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BE...
• CVE-2026-48853 — Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unau...
• CVE-2026-8683 — Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App w... (6.5 MEDIUM)
• CVE-2026-53522 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (6.5 MEDIUM)
• CVE-2026-50560 — Netty is a network application framework for development of protocol servers and clients (5.3 MEDIUM)