CVE-2026-40557 | Apache Storm Prometheus Reporter up to 2.8.6 certificate validation

Inserito da Angelo Barbosa | Apr 26, 2026 | CVE

A vulnerability has been found in Apache Storm Prometheus Reporter up to 2.8.6 and classified as critical. Impacted is an unknown function. The manipulation leads to improper certificate validation.

This vulnerability is referenced as CVE-2026-40557. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-40557 | Apache Storm Prometheus Reporter up to 2.8.6 certificate validation

Post correlati

CVE-2024-11852 | Element Pack Elementor Addons Plugin up to 5.10.12 on WordPress authorization

CVE-2024-5997 | Duplica Plugin up to 0.6 on WordPress Users/Posts authorization

CVE-2024-47922 | Priority PRI WEB up to 24.0 information disclosure

CVE-2023-48354 | Unisoc S8000 Telephone Service information disclosure