Grafana Tempo
2 CVEs affecting Grafana Tempo. Latest disclosed: 2026-04-24. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21728 | High | 7.5 | 2026-04-24 | Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mit… |
CVE-2026-28377 | High | 7.5 | 2026-03-26 | A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users… |