This page collects WhisperX intelligence signals tagged #CVE-2026-40179. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security vulnerability in Prometheus, the widely used open-source monitoring system, has been patched in version 0.311.2. The flaw, tracked as CVE-2026-40179, is a stored cross-site scripting (XSS) vulnerability that allows for remote code execution within the Prometheus web interface. The update is marked a...
A critical security vulnerability in the Prometheus monitoring system has been patched, exposing web interfaces to stored cross-site scripting (XSS) attacks. The flaw, tracked as CVE-2026-40179, allows an attacker to inject malicious HTML and JavaScript into the monitoring dashboard by crafting metric names. This creat...
A critical stored cross-site scripting (XSS) vulnerability in the Prometheus monitoring system's web interface has been addressed through an emergency dependency update. The flaw, tracked as CVE-2026-40179, allows attackers to inject malicious HTML or JavaScript code via specially crafted metric names, which then execu...
A critical stored cross-site scripting vulnerability has been identified in the Prometheus monitoring platform's web interface. The flaw, tracked as CVE-2026-40179 and catalogued as GHSA-vffh-x6r8-xx99, allows crafted metric names and label values to execute arbitrary JavaScript when rendered in Prometheus web UI toolt...
A critical stored cross-site scripting vulnerability has been identified and patched in Prometheus, the widely deployed open-source monitoring and alerting toolkit. The flaw, tracked as CVE-2026-40179, allows attackers to inject malicious scripts through crafted metric names and label values that execute when displayed...