ZDI-CAN-25256 MEDIUM 5.3 Overdue Sep 25, 2024

Prometheus

Prometheus is an open-source monitoring and alerting toolkit widely used for infrastructure observability. This medium-severity vulnerability (CVSS 5.3) can be exploited remotely over the network without authentication or user interaction, resulting in limited disclosure of sensitive information but no system compromise or availability impact. Security teams should monitor for patches after the January 23, 2025 vendor deadline and assess whether their Prometheus deployments are exposed to untrusted networks, as the low barrier to exploitation makes this a moderate priority for patching.

Advisory Details
Researcher: Alfredo de Oliveira - Trend Micro Nebula Team
Reported: September 25, 2024
Deadline: January 23, 2025 (448d overdue)
CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
