CVE-2026-21728

HIGH CVSS 7.5 View on NVD ↗

Description

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18).

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

https://grafana.com/security/security-advisories/cve-2026-21728

Published: Apr 24, 2026 09:16 UTC Modified: Apr 24, 2026 14:39 UTC