CVE-2026-40179 | Prometheus up to 3.5.1/3.11.1 label_replace label cross site scripting (GHSA-vffh-x6r8-xx99)

Inserito da Angelo Barbosa | Apr 16, 2026 | CVE

A vulnerability was found in Prometheus up to 3.5.1/3.11.1 and classified as problematic. This vulnerability affects the function label_replace. Executing a manipulation of the argument label can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-40179. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-40179 | Prometheus up to 3.5.1/3.11.1 label_replace label cross site scripting (GHSA-vffh-x6r8-xx99)

Post correlati

CVE-2025-41426 | Vertiv Liebert RDU101/Liebert IS-UNITY stack-based overflow (icsa-25-140-10)

CVE-2026-5602 | Nor2-io heim-mcp up to 0.1.3 new_heim_application src/tools.ts registerTools os command injection

CVE-2024-57601 | Alex Tselegidis easyappointments 1.5.0 legal_settings cross site scripting

CVE-2025-3609 | Reales WP STPT Plugin up to 2.1.2 on WordPress Password Update privilege escalation