| CVE-2026-42154 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a… |
| CVE-2026-42151 |
high |
7.5 |
7.5 |
|
|
|
1mo ago |
Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/a… |
| CVE-2026-44903 |
medium |
— |
5.5 |
|
|
|
9d ago |
Prometheus is an open-source monitoring system and time series database. From 2.49.0 to before 3.5.3 and 3.11.3, in the Prometheus server's legacy web UI (enabled via the command-line flag --enable-f… |
| CVE-2021-29622 |
medium |
— |
5.5 |
|
|
|
4y ago |
Prometheus is an open-source monitoring system and time series database. In 2.23.0, Prometheus changed its default UI to the New ui. To ensure a seamless transition, the URL's prefixed by /new redire… |
