Storm Prometheus Reporter Security Vulnerabilities and Issues — Storm Prometheus Reporter CVE List

ApacheStorm Prometheus Reporter

1 matches found

CVE•added 2026/04/27 1:12 p.m.•13 views

CVE-2026-40557

Summary: CVE-2026-40557 affects Apache Storm Prometheus Reporter (versions 2.6.3–2.8.6). The issue stems from PrometheusPreparableReporter implementing an INSECURE_TRUST_MANAGER and, when storm.daemon.metrics.reporter.plugin.prometheus.skip_tls_validation is enabled, triggering SSLContext.setDefa...

4.8CVSS5.2AI score0.0013EPSS