Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

OpenTelemetry JS Prometheus Exporter DoS via Malformed HTTP Request

github.com 2026-05-28English translation pending; showing Chinese查看中文 →
Security AdvisoryHighOpenTelemetry
Affected:
  • @opentelemetry/auto-instrumentations-node < 0.75.0
  • @opentelemetry/exporter-prometheus < 0.217.0
  • @opentelemetry/sdk-node < 0.217.0
Fixed in:
  • @opentelemetry/auto-instrumentations-node 0.75.0
  • @opentelemetry/exporter-prometheus 0.217.0
  • @opentelemetry/sdk-node 0.217.0
Referenced CVEs: CVE-2026-44902 · 7.5
文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive
This content was auto-fetched from github.com, cleaned by our LLM pipeline, and translated to English. View original.
More from this source
CISA ICSA-26-148-01 Advisory: Critical Infrastructure Admin Access Vulnerability 2026-05-30 Shopper Admin RBAC Privilege Escalation via Auth Bypass (CVE-2025-47744) 2026-05-30 Shopware Fix: Authorization Bypass, Livewire Hardening, Barcode XSS, Discount Race Condition 2026-05-30 CVE-2025-47745: Missing Authorization in Shopper Admin Tables (Pre-Auth RCE/DoS) 2026-05-30 Shopper Admin Missing Authorization on Order Mutation Actions (CVE-2025-47740) 2026-05-30
Offline Archive

Offline screenshot & PDF are Pro-exclusive

Upgrade to Pro