PT-2026-34868 · Grafana · Tempo

Published

2026-04-24

Updated

2026-04-25

CVE-2026-21728

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Tempo (affected versions not specified)

Description Queries with large limits can cause excessive memory allocations, which may impact service availability depending on the deployment strategy.

Recommendations Set the max result limit in the search configuration, for example, to 262144 (2^18).

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2026-21728

GHSA-P4R4-XVRQ-GVMC

Affected Products

Tempo

PT-2026-34868 · Grafana · Tempo

CVE-2026-21728

Weakness Enumeration

Related Identifiers

Affected Products

References · 10