CVE-2026-21728: Vulnerability in Grafana Tempo
CVE-2026-21728 is a high-severity vulnerability in Grafana Tempo v1. 3. 0 where queries with large limits can cause excessive memory allocations. This can impact the availability of the Tempo service depending on how it is deployed. There is no official patch or vendor advisory indicating a fix at this time. Mitigation can be achieved by configuring the max_result_limit parameter in the search configuration to restrict query sizes and reduce memory usage.
AI Analysis
Technical Summary
Grafana Tempo version 1.3.0 is vulnerable to a denial-of-service condition caused by queries that request large result sets. Such queries lead to large memory allocations which may degrade or disrupt service availability. The vulnerability is identified as CVE-2026-21728 with a CVSS 3.1 base score of 7.5 (high severity), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and impact limited to availability. No official patch or remediation level is currently documented. A recommended mitigation is to set the max_result_limit configuration parameter (e.g., to 262144) to limit the size of query results and control memory consumption.
Potential Impact
The vulnerability can cause high memory usage on affected Grafana Tempo instances, potentially leading to service unavailability or denial of service. There is no indication of confidentiality or integrity impact. The impact depends on deployment specifics and query patterns. No known exploits are reported in the wild.
Mitigation Recommendations
No official patch or fix is currently available. Administrators should mitigate the risk by configuring the max_result_limit setting in the Tempo search configuration to a reasonable value (such as 262144) to limit the size of query results and prevent excessive memory allocation. Monitor vendor advisories for updates regarding official fixes.
CVE-2026-21728: Vulnerability in Grafana Tempo
Description
CVE-2026-21728 is a high-severity vulnerability in Grafana Tempo v1. 3. 0 where queries with large limits can cause excessive memory allocations. This can impact the availability of the Tempo service depending on how it is deployed. There is no official patch or vendor advisory indicating a fix at this time. Mitigation can be achieved by configuring the max_result_limit parameter in the search configuration to restrict query sizes and reduce memory usage.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Grafana Tempo version 1.3.0 is vulnerable to a denial-of-service condition caused by queries that request large result sets. Such queries lead to large memory allocations which may degrade or disrupt service availability. The vulnerability is identified as CVE-2026-21728 with a CVSS 3.1 base score of 7.5 (high severity), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and impact limited to availability. No official patch or remediation level is currently documented. A recommended mitigation is to set the max_result_limit configuration parameter (e.g., to 262144) to limit the size of query results and control memory consumption.
Potential Impact
The vulnerability can cause high memory usage on affected Grafana Tempo instances, potentially leading to service unavailability or denial of service. There is no indication of confidentiality or integrity impact. The impact depends on deployment specifics and query patterns. No known exploits are reported in the wild.
Mitigation Recommendations
No official patch or fix is currently available. Administrators should mitigate the risk by configuring the max_result_limit setting in the Tempo search configuration to a reasonable value (such as 262144) to limit the size of query results and prevent excessive memory allocation. Monitor vendor advisories for updates regarding official fixes.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GRAFANA
- Date Reserved
- 2026-01-05T09:26:06.215Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69eb2efb87115cfb68096492
Added to database: 4/24/2026, 8:51:07 AM
Last enriched: 4/24/2026, 9:06:06 AM
Last updated: 4/24/2026, 9:53:05 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.