Grafana Tempo TraceQL OOM with Excessive Exemplars Hint
CVE-2026-27878 Published on June 19, 2026
Tempo TraceQL query with exemplar hint could result in unbounded memory usage
A TraceQL query in Grafana Tempo with a large exemplars hint value can cause the Tempo instance to allocate an excessive amount of memory, resulting in an out-of-memory crash. This could allow an authenticated user to trigger a denial of service against the Tempo service.
Affected Versions
Grafana Enterprise Traces (GET):- Version 2.6.1 and below 2.8.8 is affected.
- Version 2.6.0 and below 2.10.2 is affected.