Vendor

Prometheus

2 briefs RSS

Prometheus Remote Read Endpoint Denial-of-Service Vulnerability

The Prometheus remote read endpoint is vulnerable to denial of service due to a missing validation of the declared decoded length in snappy-compressed request bodies, allowing unauthenticated attackers to exhaust memory resources.

go/github.com/prometheus/prometheus denial-of-service prometheus snappy

2r 1t 1c May 5, 2026

high threat

Multiple Vulnerabilities in Prometheus Allow for DoS, Information Disclosure, and XSS

2 rules 2 TTPs

Multiple vulnerabilities in Prometheus could allow an attacker to perform a Denial of Service attack, disclose sensitive information, or execute Cross-Site Scripting attacks.

Prometheus vulnerability denial-of-service information-disclosure cross-site-scripting

2r 2t May 5, 2026