PT-2026-32579 · Unknown · Prometheus
Published 2026-04-13 · Updated 2026-05-21 · CVE-2026-40179
CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Prometheus versions 3.0 through 3.5.1
Prometheus versions 3.6.0 through 3.11.1
Description
Stored cross-site scripting exists in multiple components of the Prometheus web UI, specifically the Mantine UI and the old React UI. The issue occurs because metric names and label values are injected into `innerHTML` without proper escaping. In both UIs, chart tooltips on the Graph page render metric names containing HTML or JavaScript without sanitization. Additionally, in the old React UI, the Metric Explorer fuzzy search results use `dangerouslySetInnerHTML` without escaping, and heatmap cell tooltips interpolate `le` label values without sanitization.

Since Prometheus v3.x defaults to UTF-8 metric and label name validation, characters such as `<`, `>`, and `"` are considered valid. An attacker capable of injecting metrics via a compromised scrape target, remote write, or the OTLP receiver endpoint can execute arbitrary JavaScript in the browser of a user viewing the metric in the Graph UI. Depending on the enabled flags, this could lead to configuration exfiltration via `/api/v1/status/config`, data deletion via `/api/v1/admin/tsdb/delete_series`, or Prometheus shutdown via `/-/quit`.
Recommendations
Update Prometheus versions 3.0 through 3.5.1 to version 3.5.2.
Update Prometheus versions 3.6.0 through 3.11.1 to version 3.11.2.
Ensure that the remote write receiver (--web.enable-remote-write-receiver) and the OTLP receiver (--web.enable-otlp-receiver) are not exposed to untrusted sources.
Verify that all scrape targets are trusted and not under attacker control.
Avoid enabling admin or mutating API endpoints, such as --web.enable-admin-api or --web.enable-lifecycle, in environments where untrusted data may be ingested.
Refrain from clicking untrusted links, particularly those containing functions such as `label_replace`, as they may generate poisoned label names and values.
Fix
XSS
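To turn the recommendations above into a repeatable check, here is an added example that is not part of the advisory or of the Prometheus project: it tests a reported version against the two affected ranges, flags the receiver and mutating-endpoint options the advisory names, and scans stored metric names for HTML-significant characters that only UTF-8 validation lets through. The endpoint names and JSON shapes mentioned in the comments are assumptions, and all sample data is constructed.

```python
import re

# Affected ranges from the advisory; fixed in 3.5.2 and 3.11.2 respectively.
AFFECTED_RANGES = [((3, 0, 0), (3, 5, 1)), ((3, 6, 0), (3, 11, 1))]
# Flags named in the advisory: the first pair widens who can push metrics in,
# the second pair exposes the endpoints an injected script could call.
INGEST_FLAGS = ("web.enable-remote-write-receiver", "web.enable-otlp-receiver")
MUTATING_FLAGS = ("web.enable-admin-api", "web.enable-lifecycle")
# Legacy (pre-UTF-8) metric name grammar; anything outside it is UTF-8-only.
LEGACY_NAME = re.compile(r"^[a-zA-Z_:][a-zA-Z0-9_:]*$")
# Characters that break out of an unescaped innerHTML or attribute context.
HTML_SPECIAL = re.compile(r"[<>\"'&]")

def parse_version(v):
    """'v3.10.0-rc.1' -> (3, 10, 0); pre-release and build suffixes are ignored."""
    core = v.lstrip("v").split("-")[0].split("+")[0]
    parts = [int(p) for p in core.split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    ver = parse_version(version)
    return any(lo <= ver <= hi for lo, hi in AFFECTED_RANGES)

def risky_flags(flags):
    """Split enabled flags into 'ingest' (more sources) and 'mutating' (more impact)."""
    on = lambda name: str(flags.get(name, "false")).lower() == "true"
    return {"ingest": [f for f in INGEST_FLAGS if on(f)],
            "mutating": [f for f in MUTATING_FLAGS if on(f)]}

def suspicious_names(names):
    """Names legal only under UTF-8 validation that also carry HTML-significant characters."""
    return [n for n in names if not LEGACY_NAME.match(n) and HTML_SPECIAL.search(n)]

def assess(buildinfo, flags, names):
    return {"affected": is_affected(buildinfo["version"]),
            "flags": risky_flags(flags),
            "poisoned_names": suspicious_names(names)}

# Constructed sample data, shaped like the "data" field of /api/v1/status/buildinfo,
# /api/v1/status/flags and /api/v1/label/__name__/values (assumed shape, not a live capture).
SAMPLE_BUILDINFO = {"version": "3.10.0"}
SAMPLE_FLAGS = {"web.enable-remote-write-receiver": "true", "web.enable-otlp-receiver": "false",
                "web.enable-admin-api": "false", "web.enable-lifecycle": "true"}
SAMPLE_NAMES = ["up", "http_requests_total", "café_requests", "requests<b>total</b>", 'job"quoted']

if __name__ == "__main__":
    print(assess(SAMPLE_BUILDINFO, SAMPLE_FLAGS, SAMPLE_NAMES))
```

A name reported by `suspicious_names` is worth investigating at its source (scrape target, remote-write client or OTLP sender) regardless of whether the server itself is on a fixed version.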
Affected Products
Prometheus