CVE-2026-28377— S3 SSE-C Encryption Key Exposed in Plaintext via Config Endpoint (CVE-2025-41118 Pattern)

CVSS 7.5 · High EPSS 0.01% · P1 Updated Apr 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-28377

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

S3 SSE-C Encryption Key Exposed in Plaintext via Config Endpoint (CVE-2025-41118 Pattern)

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to william_goodfellow for reporting this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Grafana Tempo 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Grafana Tempo是Grafana开源的一个分布式追踪数据存储与查询系统。 Grafana Tempo存在安全漏洞，该漏洞源于/status/config端点以明文形式暴露S3 SSE-C加密密钥，可能导致未经授权的用户获取用于加密跟踪数据的密钥。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Grafana	Tempo	2.10.3	-

II. Public POCs for CVE-2026-28377

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-28377

请登录查看更多情报信息。

Same Patch Batch · Grafana · 2026-03-26 · 3 CVEs total

CVE-2026-33375	6.5 MEDIUM	Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS
CVE-2026-21724	5.4 MEDIUM	Missing Protected-field Authorization in Provisioning Contact Points API

IV. Related Vulnerabilities

Same product: Tempo

CVE-2026-21728
Tempo query limit results in unbounded memory allocation

Same vendor: Grafana

V. Comments for CVE-2026-28377

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-28377— S3 SSE-C Encryption Key Exposed in Plaintext via Config Endpoint (CVE-2025-41118 Pattern)

I. Basic Information for CVE-2026-28377

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-28377

III. Intelligence Information for CVE-2026-28377

Same Patch Batch · Grafana · 2026-03-26 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-28377

Leave a comment