CVE-2026-26069 Scraparr Readarr Integration exposes sensitive values as metric labels.

Scraparr is a Prometheus Exporter for various components of the arr Suite. From 3.0.0-beta to before 3.0.2, when the Readarr integration was enabled, the exporter exposed the configured Readarr API key as the alias metric label value. Users were affected only if all of the following conditions ar...

CVE-2026-26069

Scraparr (Prometheus Exporter) prior to 3.0.2 is affected when Readarr integration is enabled and the exporter’s /metrics is exposed to outsiders. The Readarr API key could be exposed as the alias metric label value, under conditions: Readarr scraping enabled, no alias configured, /metrics public...

EUVD-2022-3542

Malicious code in bioql PyPI...

GHSA-2V6X-FRW8-7R7F Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c92w-72c5-9x59. This link is maintained to preserve external references. Original Description A security issue was discovered in kube-state-metrics 1.7.x before 1.7.2. An experimental feature was added to v1.7.0...