Tempo Vulnerability: High-Severity Flaw Risks Service Availability

/HIGH /CVSS 7.5/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severity
Tempo Vulnerability: High-Severity Flaw Risks Service Availability

The National Vulnerability Database has detailed CVE-2026-21728, a critical vulnerability in Tempo that could cripple service availability. Attackers can exploit this flaw by sending large limit queries, forcing the service into substantial memory allocations. This denial-of-service vector is particularly concerning as it requires no authentication (PR:N) and has a low attack complexity (AC:L), making it accessible to a wide range of threat actors.

The National Vulnerability Database highlights a CVSS score of 7.5 (HIGH), underscoring the severity. While specific affected products are not detailed, any deployment relying on Tempo for data processing or querying is at risk. The core issue lies in unchecked resource consumption, a classic DoS pattern that can cascade into wider system instability depending on how Tempo is integrated and scaled within an organization’s infrastructure.

Defenders must act proactively. The National Vulnerability Database recommends mitigating this by configuring the max_result_limit in the search configuration. Setting this to a reasonable value, such as 262144 (2^18), can prevent excessive memory usage. This is a prime example where a simple configuration tweak can significantly harden a service against a known attack vector.

What This Means For You

  • If your organization uses Tempo, immediately audit your search configurations. Ensure `max_result_limit` is set to a sensible value (e.g., 262144 or lower) to prevent denial-of-service attacks that could impact service availability.
🛡️ Am I exposed to this? Get detection rules for CVE-2026-21728 — Splunk, Sentinel, Elastic, QRadar & more

Related ATT&CK Techniques

T1499 Service Stop Impact

🛡️ Detection Rules

2 rules · 6 SIEM formats

2 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.

high T1499 Impact

Tempo Large Limit Query Denial of Service - CVE-2026-21728

Sigma YAML — free preview

Source: Shimi's Cyber World · License & reuse

✓ Sigma · Splunk SPL Sentinel KQL Elastic QRadar AQL Wazuh Get rules for your SIEM →

Indicators of Compromise

IDTypeIndicator
CVE-2026-21728 Vulnerability CVE-2026-21728

Written by SCW Vulnerability Desk

Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedApril 24, 2026 at 12:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related Posts

Critical Flaws Hit CrowdStrike, Tenable Products; Patches Released

SecurityWeek reports that critical vulnerabilities have been addressed in products from CrowdStrike and Tenable. CrowdStrike has issued a fix for a severe flaw impacting its...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Tropic Trooper Exploits SumatraPDF and VS Code Tunnels for Espionage

A sophisticated campaign by the threat group Tropic Trooper is targeting Chinese-speaking individuals. The attackers are leveraging a trojanized version of the SumatraPDF reader to...

threat-intelvulnerabilitymalwaremicrosofttools
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4078 — Cross-Site Scripting (XSS)

CVE-2026-4078 — The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma