CVE-2026-21728 (GCVE-0-2026-21728)

Vulnerability from cvelistv5 – Published: 2026-04-24 08:00 – Updated: 2026-06-30 12:06
VLAI
Title
Tempo query limit results in unbounded memory allocation
Summary
Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18).
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
Vendor Product Version
Grafana Tempo Affected: v1.3.0 , < v2.11.0 (semver)
Create a notification for this product.
Red Hat Multicluster Global Hub 1.3.4     cpe:/a:redhat:multicluster_globalhub:1.3::el9
Create a notification for this product.
Red Hat Multicluster Global Hub 1.4.5     cpe:/a:redhat:multicluster_globalhub:1.4::el9
Create a notification for this product.
Red Hat Multicluster Global Hub 1.5.4     cpe:/a:redhat:multicluster_globalhub:1.5::el9
Create a notification for this product.
Red Hat Multicluster Global Hub 1.6.2     cpe:/a:redhat:multicluster_globalhub:1.6::el9
Create a notification for this product.
Red Hat Multicluster Global Hub 1.7.1     cpe:/a:redhat:multicluster_globalhub:1.7::el9
Create a notification for this product.
Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
Create a notification for this product.
Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
Create a notification for this product.
Red Hat Red Hat Ceph Storage 9     cpe:/a:redhat:ceph_storage:9
Create a notification for this product.
Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:6
Create a notification for this product.
Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
Create a notification for this product.
Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Date Public
2026-02-23 07:40
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-21728",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-24T11:29:58.649315Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-24T13:06:58.775Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.3::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.3.4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.4.5",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.5.4",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.6::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.6.2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub:1.7::el9"
            ],
            "defaultStatus": "affected",
            "product": "Multicluster Global Hub 1.7.1",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:5"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 5",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:6"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 6",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:ceph_storage:9"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat Ceph Storage 9",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:openshift_distributed_tracing:3"
            ],
            "defaultStatus": "affected",
            "product": "Red Hat OpenShift distributed tracing 3",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:logging:6"
            ],
            "defaultStatus": "unaffected",
            "product": "Logging Subsystem for Red Hat OpenShift",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:multicluster_globalhub"
            ],
            "defaultStatus": "unaffected",
            "product": "Multicluster Global Hub",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/a:redhat:acm:2"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:10"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 10",
            "vendor": "Red Hat"
          },
          {
            "cpes": [
              "cpe:/o:redhat:enterprise_linux:9"
            ],
            "defaultStatus": "unaffected",
            "product": "Red Hat Enterprise Linux 9",
            "vendor": "Red Hat"
          }
        ],
        "datePublic": "2026-04-24T08:00:47.074Z",
        "descriptions": [
          {
            "lang": "en",
            "value": "A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service."
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "namespace": "https://access.redhat.com/security/updates/classification/",
                "value": "Important"
              },
              "type": "Red Hat severity rating"
            }
          },
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            },
            "format": "CVSS"
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-30T12:06:48.938Z",
          "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
          "shortName": "redhat-SADP"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2026-21728"
          },
          {
            "name": "RHBZ#2461395",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461395"
          },
          {
            "tags": [
              "x_sadp-csaf-vex"
            ],
            "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-21728.json"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:22423"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:22347"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:21769"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:23345"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2026:24503"
          }
        ],
        "solutions": [
          {
            "lang": "en",
            "value": "RHSA-2026:22423: Multicluster Global Hub 1.3.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
          },
          {
            "lang": "en",
            "value": "RHSA-2026:24503: Multicluster Global Hub 1.7.1"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-04-24T09:00:58.144Z",
            "value": "Reported to Red Hat."
          },
          {
            "lang": "en",
            "time": "2026-04-24T08:00:47.074Z",
            "value": "Made public."
          }
        ],
        "title": "grafana/tempo: Tempo: Denial of Service via large queries",
        "x_adpType": "supplier",
        "x_generator": {
          "engine": "sadp-cli 1.0.0"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Tempo",
          "vendor": "Grafana",
          "versions": [
            {
              "lessThan": "v2.11.0",
              "status": "affected",
              "version": "v1.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2026-02-23T07:40:45.862Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy.\n\nMitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-22T16:31:21.327Z",
        "orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
        "shortName": "GRAFANA"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://grafana.com/security/security-advisories/cve-2026-21728"
        }
      ],
      "source": {
        "discovery": "INTERNAL_FINDING"
      },
      "title": "Tempo query limit results in unbounded memory allocation",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
    "assignerShortName": "GRAFANA",
    "cveId": "CVE-2026-21728",
    "datePublished": "2026-04-24T08:00:47.074Z",
    "dateReserved": "2026-01-05T09:26:06.215Z",
    "dateUpdated": "2026-06-30T12:06:48.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-21728",
      "date": "2026-07-06",
      "epss": "0.00645",
      "percentile": "0.46467"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-21728\",\"sourceIdentifier\":\"security@grafana.com\",\"published\":\"2026-04-24T09:16:03.710\",\"lastModified\":\"2026-06-30T03:17:24.707\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy.\\n\\nMitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18).\"}],\"affected\":[{\"source\":\"security@grafana.com\",\"affectedData\":[{\"vendor\":\"Grafana\",\"product\":\"Tempo\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"v1.3.0\",\"lessThan\":\"v2.11.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.3.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.4.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.5.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.7.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:logging:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-04-24T11:29:58.649315Z\",\"id\":\"CVE-2026-21728\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.3.0\",\"versionEndExcluding\":\"2.8.4\",\"matchCriteriaId\":\"AE74525D-4401-4907-BB5F-E4FD2595CA5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.2\",\"matchCriteriaId\":\"4F731ED3-2882-414C-B5FE-679B76A751A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.10.0\",\"versionEndExcluding\":\"2.10.2\",\"matchCriteriaId\":\"A90B7E68-DFF4-449F-A145-C1ABB0184B2E\"}]}]}],\"references\":[{\"url\":\"https://grafana.com/security/security-advisories/cve-2026-21728\",\"source\":\"security@grafana.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21769\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22347\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22423\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23345\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24503\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-21728\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2461395\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-21728.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"grafana/tempo: Tempo: Denial of Service via large queries\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.3.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.4.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.5.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.7.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-24T09:00:58.144Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-04-24T08:00:47.074Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:22423: Multicluster Global Hub 1.3.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22347: Multicluster Global Hub 1.4.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21769: Multicluster Global Hub 1.5.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23345: Multicluster Global Hub 1.6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24503: Multicluster Global Hub 1.7.1\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-04-24T08:00:47.074Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-21728\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2461395\", \"name\": \"RHBZ#2461395\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-21728.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22423\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22347\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21769\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23345\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24503\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Tempo. A remote attacker can exploit this vulnerability by sending large queries to the Tempo service. This can lead to excessive memory allocations, potentially causing a Denial of Service (DoS) by impacting the availability of the service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T12:06:48.938Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-21728\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-24T11:29:58.649315Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-24T11:33:33.468Z\"}}], \"cna\": {\"title\": \"Tempo query limit results in unbounded memory allocation\", \"source\": {\"discovery\": \"INTERNAL_FINDING\"}, \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\"}}], \"affected\": [{\"vendor\": \"Grafana\", \"product\": \"Tempo\", \"versions\": [{\"status\": \"affected\", \"version\": \"v1.3.0\", \"lessThan\": \"v2.11.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2026-02-23T07:40:45.862Z\", \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2026-21728\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy.\\n\\nMitigation can be done by setting max_result_limit in the search config, e.g. to 262144 (2^18).\"}], \"providerMetadata\": {\"orgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"shortName\": \"GRAFANA\", \"dateUpdated\": \"2026-06-22T16:31:21.327Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-21728\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T12:06:48.938Z\", \"dateReserved\": \"2026-01-05T09:26:06.215Z\", \"assignerOrgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"datePublished\": \"2026-04-24T08:00:47.074Z\", \"assignerShortName\": \"GRAFANA\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…