All 5 CVE vulnerabilities found in prometheus, with AI-generated Chinese analysis, references, and POCs.
Vendor: [UNKNOWN]
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42154 | Prometheus: remote read endpoint allows denial of service via crafted snappy payload CWE-400 | 7.5 | High | 2026-05-04 |
| CVE-2026-42151 | Prometheus Azure AD remote write OAuth client secret exposed via config API CWE-200 | 7.5 | High | 2026-05-04 |
| CVE-2026-40179 | Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer CWE-79 | 6.1 | - | 2026-04-15 |
| CVE-2021-29622 | Arbitrary redirects under /new endpoint CWE-601 | 6.5 | Medium | 2021-05-19 |
| CVE-2019-3826 | Prometheus 跨站脚本漏洞 CWE-79 | 6.1 | - | 2019-03-26 |
All 5 known CVE vulnerabilities affecting prometheus with full Chinese analysis, references, and POCs where available.