๐Ÿ” CVE Alert

CVE-2026-21729

HIGH 7.5

Loki detected_fields query limits results in unbounded memory allocation

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

Loki queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy.

Vendor grafana
Product loki
Ecosystems
Industries
Technology
Published Jul 16, 2026
Last Updated Jul 16, 2026
Stay Ahead of the Next One

Get instant alerts for grafana loki

Be the first to know when new high vulnerabilities affecting grafana loki are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Grafana / Loki
v3.0.0 < v3.7.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
grafana.com: https://grafana.com/security/security-advisories/cve-2026-21729