Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: prometheus Clear
ID Title
CVE-2026-44903 Cross-Site Scripting (XSS) in github.com/prometheus/prometheus (CVE-2026-44903)
cross-site scripting in github.com/prometheus/prometheus (CVE-2026-44903). Risk of unauthorized operations or information disclosure. Exploitable via ``label_replace``. Mitigation: upgrade to `2.7.2` or later.
CVE-2026-42151 Information Disclosure in github.com/prometheus/prometheus (CVE-2026-42151)
vulnerability in github.com/prometheus/prometheus (CVE-2026-42151). Confidential information can be exposed externally. Exploitable via ``client_secret``. Mitigation: upgrade to `0.311.3` or later.
CVE-2026-42154 Vulnerability in github.com/prometheus/prometheus (CVE-2026-42154)
vulnerability in github.com/prometheus/prometheus (CVE-2026-42154). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.11.3` or later.
CVE-2023-26735 SSRF (Server-Side Request Forgery) in prometheus (CVE-2023-26735)
SSRF in prometheus (CVE-2023-26735). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →