CVE-2026-21729
Received Received - Intake

Memory Exhaustion in Grafana Loki Queries

Vulnerability report for CVE-2026-21729, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: Grafana Labs

Description

Loki queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-16
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves Loki queries that request large data limits. These queries can cause significant memory usage, potentially leading to service unavailability depending on how Loki is deployed.

Impact Analysis

An attacker could exploit this by sending queries with large limits, consuming excessive memory. This may slow down or crash the Loki service, disrupting log queries and affecting system reliability.

Mitigation Strategies

Limit the maximum query limit in Loki configuration to prevent large memory allocations. Monitor memory usage during queries and set alerts for abnormal spikes. Ensure Grafana and Loki deployments have sufficient resources to handle peak loads.

Executive Summary

This vulnerability involves Loki queries that request large data limits, leading to excessive memory usage. This can degrade or crash the service depending on how it is deployed, impacting its availability.

Impact Analysis

If you use Loki for log queries, an attacker could exploit this by sending queries with large limits, causing high memory consumption. This may slow down or crash your Loki instance, disrupting log retrieval and monitoring.

Executive Summary

This vulnerability involves Loki queries that request large data limits. These queries can cause significant memory allocation, potentially overwhelming the service and affecting its availability depending on how it is deployed.

Impact Analysis

An attacker could exploit this by sending queries with large limits, causing high memory usage. This may lead to service slowdowns or crashes, disrupting access to logs and metrics.

Detection Guidance

This vulnerability involves excessive memory allocation due to large query limits in Loki. To detect it, monitor system memory usage during query execution. Check Loki logs for large query limits or out-of-memory errors. Use commands like 'top', 'htop', or 'ps aux' to observe memory consumption by Loki processes. Look for sustained high memory usage correlating with query activity.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-21729. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart