{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40179", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-09T20:59:17.619Z", "datePublished": "2026-04-15T22:26:46.909Z", "dateUpdated": "2026-04-15T22:26:46.909Z"}, "containers": {"cna": {"title": "Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/prometheus/prometheus/security/advisories/GHSA-vffh-x6r8-xx99", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-vffh-x6r8-xx99"}, {"name": "https://github.com/prometheus/prometheus/pull/18506", "tags": ["x_refsource_MISC"], "url": "https://github.com/prometheus/prometheus/pull/18506"}, {"name": "https://github.com/prometheus/prometheus/commit/07c6232d159bfb474a077788be184d87adcfac3c", "tags": ["x_refsource_MISC"], "url": "https://github.com/prometheus/prometheus/commit/07c6232d159bfb474a077788be184d87adcfac3c"}], "affected": [{"vendor": "prometheus", "product": "prometheus", "versions": [{"version": ">= 3.0.0, < 3.5.2", "status": "affected"}, {"version": ">= 3.6.0, < 3.11.2", "status": "affected"}, {"version": "< 0.311.2-0.20260410083055-07c6232d159b", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-15T22:26:46.909Z"}, "descriptions": [{"lang": "en", "value": "Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without escaping. In both the Mantine UI and old React UI, chart tooltips on the Graph page render metric names containing HTML/JavaScript without sanitization. In the old React UI, the Metric Explorer fuzzy search results use dangerouslySetInnerHTML without escaping, and heatmap cell tooltips interpolate le label values without sanitization. With Prometheus v3.x defaulting to UTF-8 metric and label name validation, characters like <, >, and \" are now valid in metric names and labels. An attacker who can inject metrics via a compromised scrape target, remote write, or OTLP receiver endpoint can execute arbitrary JavaScript in the browser of any Prometheus user who views the metric in the Graph UI, potentially enabling configuration exfiltration, data deletion, or Prometheus shutdown depending on enabled flags. This issue has been fixed in versions 3.5.2 and 3.11.2. If developers are unable to immediately update, the following workarounds are recommended: ensure that the remote write receiver (--web.enable-remote-write-receiver) and the OTLP receiver (--web.enable-otlp-receiver) are not exposed to untrusted sources; verify that all scrape targets are trusted and not under attacker control; avoid enabling admin or mutating API endpoints (e.g., --web.enable-admin-api or --web.enable-lifecycle) in environments where untrusted data may be ingested; and refrain from clicking untrusted links, particularly those containing functions such as label_replace, as they may generate poisoned label names and values."}], "source": {"advisory": "GHSA-vffh-x6r8-xx99", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without escaping. In both the Mantine UI and old React UI, chart tooltips on the Graph page render metric names containing HTML/JavaScript without sanitization. In the old React UI, the Metric Explorer fuzzy search results use dangerouslySetInnerHTML without escaping, and heatmap cell tooltips interpolate le label values without sanitization. With Prometheus v3.x defaulting to UTF-8 metric and label name validation, characters like <, >, and \" are now valid in metric names and labels. An attacker who can inject metrics via a compromised scrape target, remote write, or OTLP receiver endpoint can execute arbitrary JavaScript in the browser of any Prometheus user who views the metric in the Graph UI, potentially enabling configuration exfiltration, data deletion, or Prometheus shutdown depending on enabled flags. This issue has been fixed in versions 3.5.2 and 3.11.2. If developers are unable to immediately update, the following workarounds are recommended: ensure that the remote write receiver (--web.enable-remote-write-receiver) and the OTLP receiver (--web.enable-otlp-receiver) are not exposed to untrusted sources; verify that all scrape targets are trusted and not under attacker control; avoid enabling admin or mutating API endpoints (e.g., --web.enable-admin-api or --web.enable-lifecycle) in environments where untrusted data may be ingested; and refrain from clicking untrusted links, particularly those containing functions such as label_replace, as they may generate poisoned label names and values."}], "id": "CVE-2026-40179", "lastModified": "2026-04-15T23:16:09.870", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-15T23:16:09.870", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/prometheus/prometheus/commit/07c6232d159bfb474a077788be184d87adcfac3c"}, {"source": "security-advisories@github.com", "url": "https://github.com/prometheus/prometheus/pull/18506"}, {"source": "security-advisories@github.com", "url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-vffh-x6r8-xx99"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,3.5.2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.6.0,3.11.2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,0.311.2-0.20260410083055-07c6232d159b)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "prometheus", "source": "cna", "vendor": "prometheus"}, "product": "prometheus", "vendor": "prometheus"}], "analysis": {"en": {"generated_at": "2026-04-16T02:16:50.433834+00:00", "value": {"mitigation_remediation": ["Apply the vendor patch to upgrade to Prometheus 3.5.2 or later 3.11.2.", "Disallow or limit the remote\u2011write and OTLP receiver endpoints by disabling them or restricting access to trusted sources.", "Ensure that all scrape targets are under your control and are trusted; avoid ingesting metrics from untrusted or exposed endpoints.", "Disable admin and lifecycle API endpoints (e.g., --web.enable-admin-api or --web.enable-lifecycle) when ingesting untrusted data.", "Avoid clicking links that use functions such as label_replace, which may generate poisoned metric names or values."], "summary": {"action": "Immediate Patch", "impact": "Stored Cross\u2011Site Scripting (Remote Code Execution in browser)"}, "threat_synthesis": {"affected_systems": "All releases from Prometheus 3.0 to 3.5.1 and from 3.6.0 to 3.11.1 are impacted. Users running these versions should verify the exact build and plan to upgrade. The issue was resolved in 3.5.2 and 3.11.2.", "description_and_impact": "Prometheus 3.0\u201111.1 stores metric names and label values directly into chart tooltips, metric explorer results, and heatmap cell tooltips without escaping. The rendering in both the Mantine and old React UI uses innerHTML or dangerouslySetInnerHTML, allowing any HTML or JavaScript injected into a metric or label to be executed when a user views the graph. An attacker who can add or modify metric data via a compromised scrape target, remote write, or OTLP receiver endpoint can trigger arbitrary script execution in the browser of any user who hovers over or selects that metric, potentially exposing configuration information, deleting data, or terminating the Prometheus instance if administrative flags are enabled. The vulnerability is a classic stored XSS flaw (CWE\u201179).", "risk_and_exploitability": "The CVSS score is 5.3, indicating moderate severity. No EPSS data is available, and the flaw is not listed in the CISA KEV catalog, suggesting that while it is known, a public exploit is not yet in widespread use. Because the flaw relies on an attacker having the ability to influence metric data\u2014in many deployments this requires control over a scrape target or remote write endpoint\u2014the attack vector is primarily internal or requires compromised telemetry sources. Nevertheless, when such control is achieved, victims can run arbitrary JavaScript in the UI, which may lead to configuration theft, metric data tampering, or service disruption."}}}}, "created": "2026-04-16T00:30:18.770145+00:00", "updated": "2026-04-16T02:30:21.676242+00:00", "vendors": ["prometheus", "prometheus$PRODUCT$prometheus"]}