Grafana OpenFeature Unbounded Memory Read Vulnerability Leading to Out-of-Memory Crashes

Vulnerability

A vulnerability exists in Grafana's OpenFeature feature toggle evaluation endpoint, where unbounded values are read into memory. This can result in out-of-memory crashes.

Impact

Exploitation of this vulnerability can cause the application to crash due to excessive memory consumption, leading to a denial-of-service condition.

Added: Mar 27, 2026, 3:58 PM

Updated: Mar 27, 2026, 3:58 PM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

2.5

exploitability

7.4

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

2.5

exploitability

7.4

remediation

0.0

relevance

4.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Grafana OpenFeature Unbounded Memory Read Vulnerability Leading to Out-of-Memory Crashes

Vulnerability

Impact

Affected Products

Grafana

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating