RATATOSKRATATOSK
Sign in

Releases

AI-analyzed release notes for CNCF graduated and incubating projects.

Project: PrometheusClear ×

Prometheus

ObservabilityJul 1, 2026

Prometheus v3.13.0 is an LTS release leading with a HIGH-severity credential-forwarding fix (CVE-2025-4673, CVE-2023-45289) and a MEDIUM XSS fix (CVE-2026-44990), alongside four breaking changes to pagination tokens, path resolution, PromQL duration function names, and license file packaging, plus a broad set of new features and performance improvements.

  • securityHIGH: Credentials no longer forwarded on cross-host redirects

    Credentials (Authorization header, basic auth, bearer token, OAuth2, and configured headers) are no longer forwarded when following a redirect to a different host. This affects scraping, remote read/write, alerting, and service discovery where credentials are configured and cross-host redirects occur. Tracked as CVE-2025-4673 and CVE-2023-45289; driven by upgrading prometheus/common from v0.68.x to v0.69.0. Review any targets or endpoints that rely on redirects, as credentials will now be dropped silently on host change.

  • securityMEDIUM: XSS fix in UI dependency (CVE-2026-44990)

    sanitize-html was bumped to fix a cross-site scripting vulnerability (CVE-2026-44990) in the Prometheus UI. No configuration change needed; upgrade to v3.13.0.

  • breakingPagination token algorithm changed from SHA-1 to SHA-256

    Rule group pagination tokens now use SHA-256 instead of SHA-1. Any client or tooling that stores or compares pagination tokens across versions will see different token values after upgrade.

  • breaking--http.config.file relative path resolution changed

    Relative file paths inside the file passed to --http.config.file are now resolved relative to that config file's own directory, not its parent directory. If you use relative paths in that config, verify they still resolve correctly after upgrading.

  • breakingDuration-expression functions min()/max() renamed to min_of()/max_of()

    If you use the experimental-duration-expr feature flag, the PromQL duration functions min() and max() have been renamed to min_of() and max_of(). Update any queries or rules that use the old names.

  • breakingnpm_licenses.tar.bz2 removed; licenses now at /assets/third-party-licenses.txt

    npm_licenses.tar.bz2 is no longer shipped in release tarballs or container images. Third-party npm license text is now embedded in the binary and served at /assets/third-party-licenses.txt. Any automation that extracted that archive needs updating.

Key changes (8)
  • HIGH security fix: credentials (auth headers, bearer token, OAuth2, basic auth) dropped on cross-host redirects, fixing CVE-2025-4673 and CVE-2023-45289 via prometheus/common v0.69.0
  • MEDIUM security fix: sanitize-html bumped to patch XSS vulnerability CVE-2026-44990 in the UI
  • Breaking: rule group pagination tokens now SHA-256; stored tokens from older versions will differ
  • Breaking: --http.config.file relative paths now resolved relative to the config file's directory, not its parent
  • Breaking: duration-expression functions min()/max() renamed to min_of()/max_of() (experimental-duration-expr flag only)
  • Breaking: npm_licenses.tar.bz2 removed from tarballs/images; licenses served from /assets/third-party-licenses.txt in the binary
  • New experimental API search endpoints for metric names, label names, and label values; AWS RDS filtering; Scaleway VPC/IPAM-only instance support; native histogram smoothed/anchored rate; per-query samplesRead stats; Azure Monitor Workspace certificate support; container images on ghcr.io
  • Performance: case-insensitive prefix matching up to ~2x faster; per-sample chunk overhead down ~12-15%; V2 histogram WAL decoder allocations cut up to 50% (up to 10% memory reduction for native-histogram deployments with created-timestamp storage); plus multiple PromQL panic and TSDB corruption fixes
Source

Prometheus

ObservabilityJun 17, 2026

Prometheus v3.5.4 is a security-focused patch: fixes a secret-exposure bug in STACKIT SD and bumps several Go/UI dependencies to patch known CVEs. Upgrade promptly.

  • securityRotate STACKIT SD credentials if you use that SD

    The /-/config endpoint was exposing STACKIT service discovery secrets in plaintext. If your Prometheus instance uses STACKIT SD and /-/config was reachable by anyone other than admins, assume those credentials are compromised and rotate them. Upgrade to v3.5.4 immediately, then restrict access to /-/config behind authentication.

  • securityUpgrade to patch three Go CVEs in golang.org/x/net and OpenTelemetry

    GO-2026-5026, GO-2026-4918, and GO-2026-4985 are addressed by bumping golang.org/x/net to v0.55.0 and OpenTelemetry to v1.43.0. If you run Prometheus exposed to untrusted network traffic, this upgrade should not wait for your next maintenance window.

  • enhancementghcr.io image publishing available as an alternative pull source

    Prometheus images are now also on ghcr.io. If your environment has rate-limit or access issues with Docker Hub, you can switch your image pull source to ghcr.io/prometheus/prometheus without waiting for a feature release.

Key changes (4)
  • STACKIT SD leaked secrets in plaintext via /-/config endpoint (GHSA-39j6-789q-qxvh) — now fixed
  • golang.org/x/net and OpenTelemetry bumped to patch GO-2026-5026, GO-2026-4918, GO-2026-4985
  • UI dependencies (react-router-dom, vite, vitest, postcss) updated to patched versions
  • Container images now published to ghcr.io in addition to existing registries
Source

Prometheus

ObservabilityMay 28, 2026

Prometheus 3.12.0 ships two security patches (Remote Write DoS, STACKIT SD secret leak), fixes a WAL race in Agent mode, and cuts TSDB range query CPU with a quadratic-to-constant head chunk lookup fix.

  • securityPatch two security fixes now — especially if using STACKIT SD

    Two CVEs patched in this release. First: Remote Write now rejects snappy-compressed payloads where the declared decoded size exceeds 32 MB — this closes a DoS vector against your remote-write receiver endpoint. Second: STACKIT SD was leaking secrets in plaintext via the `/-/config` endpoint (GHSA-39j6-789q-qxvh). If you use STACKIT SD, rotate any credentials that may have been exposed before upgrading.

  • breakingAgent mode WAL race and remote_write panic bug fixed — upgrade Agent deployments

    A race condition in the agent appender could produce duplicate in-memory series and duplicate WAL records when concurrent appends target the same label set. If you run Prometheus in Agent mode under high write concurrency, this bug could silently corrupt your WAL. Upgrade to 3.12.0 to fix it. Also, `remote_write` queue_config fields are now validated at load time — misconfigurations that previously caused silent runtime panics will now fail at startup, which is the right behavior but means you should test configs before rolling out.

  • enhancementTSDB range query CPU cut and auto-reload-config is now stable

    TSDB head chunk lookup in range queries drops from quadratic to constant time, and mmap operations now skip series that don't need work. At production scale with large head chunks, this can meaningfully cut CPU. No config changes needed — just upgrade. Separately, `auto-reload-config` is now stable (no longer experimental), so you can drop any caveats around it in runbooks.

Key changes (18)
  • Security: Remote Write rejects snappy payloads with decoded size over 32 MB (DoS fix); STACKIT SD secret leak via /-/config endpoint patched (GHSA-39j6-789q-qxvh)
  • TSDB performance: head chunk range query lookup is now O(1) instead of O(n²); mmap skips clean series, reducing CPU at scale
  • PromQL: new experimental functions start(), end(), range(), step(); rate()/irate()/increase()/resets() updated to use start timestamps behind the use-start-timestamps feature flag
  • Service Discovery: DigitalOcean Managed Databases and Outscale VM added; AWS EC2 SD gains IPv6 support; AWS SD gets optional external_id for ECS/MSK/RDS/ElastiCache
  • Bug fixes: agent WAL race condition patched; scrape panics on malformed histograms fixed; TSDB native histogram query panic fixed; remote_write queue_config now validated at startup
  • UI: time series deletion and tombstone cleanup now available from the Status menu
  • auto-reload-config promoted to stable
  • OTLP gzip body size now capped to prevent decompression abuse
  • SD target updates propagate faster via dynamic backoff instead of static 5s interval
  • Consul SD health_filter fix for Catalog-only fields like ServiceTags
  • prometheus_sd_refresh and prometheus_sd_discovered_targets metrics cleaned up when scrape jobs are removed
  • PromQL warns when sort/sort_by_label used in range queries (no-op in that context)
  • sort/sort_by_label warning in range queries, NaN/infinite duration expressions now rejected
  • Scrape: st-synthesis feature flag added to synthesize start timestamps for cumulative metrics when using Remote Write 2.0
  • promtool query instant gains --header flag
  • aix/ppc64 compilation target added
  • /api/v1/status/self_metrics endpoint added
  • Tracing: OTLP HTTP insecure startup failure fixed
Source

Prometheus

ObservabilityApr 27, 2026

Prometheus v3.11.3 patches three security vulnerabilities: a credential leak, a DoS vector via malformed snappy payloads, and a stored XSS in the classic UI.

  • securityRotate AzureAD client secrets if /-/config was accessible

    If you use AzureAD remote write and the /-/config endpoint was reachable by anyone other than trusted admins, treat your client_secret as compromised. Rotate it in Azure AD immediately, then upgrade to v3.11.3. Also audit who has access to that endpoint — it should never be public-facing.

  • securityUpgrade immediately if remote-read is enabled and exposed

    The snappy decode vulnerability lets an attacker send a crafted request with an inflated declared length, potentially exhausting memory. If your Prometheus remote-read endpoint is reachable from outside your trust boundary, this is a real DoS risk. Upgrade to v3.11.3 as soon as possible — there's no config-level workaround short of disabling remote-read entirely.

  • securityAssess XSS exposure if you still run the classic UI

    The stored XSS in the old UI heatmap affects any deployment where users can influence label values (e.g., via instrumented applications) and other users view those charts. If you've already migrated to the new UI, you're not affected. If you haven't, upgrade now — or at minimum restrict UI access to trusted users until you do.

Key changes (3)
  • CVE-2026-42151: AzureAD OAuth client_secret was exposed in plaintext through the /-/config endpoint
  • CVE-2026-42154: Remote-read now rejects snappy-compressed requests where declared decoded length exceeds the configured limit, closing a potential DoS vector
  • Stored XSS fixed in the old/classic UI heatmap chart — unescaped 'le' label values in tick labels were the injection point
Source

Prometheus

ObservabilityApr 27, 2026

Prometheus v3.5.3 is a security-only release patching four vulnerabilities: credential exposure, two snappy decompression bombs, and a stored XSS in the legacy UI.

  • securityRotate AzureAD client_secret immediately if /-/config was exposed

    Any Prometheus instance using AzureAD remote write had its OAuth client_secret visible in plaintext at the /-/config endpoint. If that endpoint was reachable by untrusted users or scraped by monitoring tools, treat the secret as compromised. Rotate it in Azure AD, update your Prometheus config, and then upgrade to v3.5.3. After upgrading, restrict /-/config access via --web.enable-admin-api controls or a reverse proxy allowlist.

  • securityUpgrade now if you accept remote-read or remote-write from untrusted sources

    Both remote-read and remote-write endpoints were vulnerable to decompression bomb attacks — a crafted snappy request with an inflated declared size could exhaust memory. If your Prometheus is internet-facing or accepts data from multiple tenants, this is a denial-of-service risk. Upgrade to v3.5.3 immediately. There is no config-level workaround; the fix is in the code.

  • securityPatch stored XSS if anyone uses the legacy UI with untrusted label values

    The old UI heatmap rendered 'le' label values without escaping, allowing stored XSS. If your users browse the legacy UI and your metrics include 'le' labels sourced from external or user-controlled systems, malicious JavaScript could execute in their browsers. Upgrade to v3.5.3. As a short-term measure, direct users to the new UI instead.

Key changes (4)
  • CVE-2026-42151: AzureAD OAuth client_secret leaked in plaintext via /-/config endpoint
  • CVE-2026-42154: Remote-read snappy decompression bomb — oversized declared decode length now rejected
  • Remote-write snappy decompression bomb fixed with same decode limit enforcement (no separate CVE listed)
  • Stored XSS via unescaped 'le' label values in legacy UI heatmap tick labels (GHSA-fw8g-cg8f-9j28)
Source

Prometheus

ObservabilityApr 13, 2026

Prometheus v3.11.2 patches a stored XSS vulnerability (CVE-2026-40179) in the web UI, plus two Consul SD fixes. Upgrade immediately if your UI is exposed.

  • securityPatch CVE-2026-40179 immediately if your Prometheus UI is reachable

    A stored XSS can be triggered by crafted metric names or label values — meaning any scrape target you ingest data from could potentially inject malicious scripts into your UI. If your Prometheus endpoint is accessible to users beyond the ops team (internal dashboards, federated setups), treat this as urgent. Upgrade to v3.11.2 now. If you can't upgrade immediately, restrict UI access via network policy or auth proxy until you can.

  • breakingVerify Consul SD behavior after the Health API filter fix

    The filter parameter was previously applied incorrectly to the Consul Health API. After upgrading, your Consul service discovery results may change if you were relying on that filter — intentionally or not. Review your Consul SD configs and validate that the services being scraped post-upgrade match your expectations before rolling out to production.

  • enhancementUse `health_filter` in Consul SD to reduce noise from unhealthy services

    The new `health_filter` field lets you filter Consul Health API responses directly at the SD layer. If you've been working around this with relabeling rules to drop unhealthy instances, you can now clean that up. Set `health_filter` to `healthy` in your Consul SD config to only scrape passing services and reduce unnecessary target churn.

Key changes (3)
  • SECURITY: Stored XSS via unescaped metric names and label values in UI tooltips and metrics explorer — CVE-2026-40179
  • Consul SD: New `health_filter` field for fine-grained Health API filtering
  • Consul SD: Fixed a bug where the filter parameter was incorrectly applied to the Health API
Source

Prometheus

ObservabilityApr 13, 2026

Prometheus v3.5.2 was released, but the published notes are too brief to summarize. See the original release notes for details.

Source

Prometheus

ObservabilityApr 7, 2026

Prometheus v3.11.1 was released, but the published notes are too brief to summarize. See the original release notes for details.

Source

Prometheus

ObservabilityApr 2, 2026

Prometheus v3.11.0 ships significant new discovery capabilities, TSDB experimental features, and a critical retention bug fix that could cause data to be kept 1,000,000x longer than configured.

  • breakingFix TSDB retention unit bug before your disk fills up

    A unit mismatch in the config file parser caused `storage.tsdb.retention.time` to be interpreted as 1,000,000x the intended value. If you set retention via the config file (not CLI flags), your TSDB may be holding far more data than expected. Upgrade to 3.11.0 immediately and verify disk usage post-upgrade. Also note: CLI flag values are now the fallback when retention is removed from config, so review your configuration carefully.

  • breakingMigrate Hetzner hcloud SD label references before July 2026

    `__meta_hetzner_datacenter` and `__meta_hetzner_hcloud_datacenter_location*` labels are deprecated for hcloud roles and will stop working after July 1, 2026. Audit all relabeling configs and recording rules that reference these labels. Replace with `__meta_hetzner_hcloud_location` and `__meta_hetzner_hcloud_location_network_zone`. The robot role keeps the old label for backward compatibility.

  • enhancementCap TSDB disk usage with retention.percentage

    The new `storage.tsdb.retention.percentage` setting lets you define a maximum percentage of available disk that TSDB can use. This is a cleaner safety net than estimating byte-based retention limits, especially in environments with variable data volumes. Consider pairing it with the existing time-based retention rather than replacing it — both constraints apply.

Key changes (6)
  • CRITICAL BUG: TSDB retention time unit mismatch caused retention to run 1e6x longer than configured — patch immediately
  • Hetzner SD labels deprecated: `__meta_hetzner_datacenter` for hcloud role dies July 1, 2026; migrate relabeling configs now
  • New AWS SD roles for Elasticache and RDS, plus Azure Workload Identity auth support
  • New `storage.tsdb.retention.percentage` config to cap TSDB disk usage by percentage
  • Experimental `fast-startup` flag writes series state to WAL dir, reducing restart time for large TSDB instances
  • OTLP fix: ErrTooOldSample now returns HTTP 400 instead of 500, breaking infinite client retry loops
Source

Prometheus

ObservabilityFeb 26, 2026

Prometheus 3.10.0 introduces distroless Docker images for enhanced security, new PromQL fill() functions for handling missing data, and numerous performance improvements across query execution and TSDB operations.

  • enhancementConsider migrating to distroless images for production

    The new distroless variant provides better security with minimal attack surface and uses proper nonroot UID/GID 65532. Plan migration by adjusting volume ownership and permissions - existing named volumes require ownership changes, and bind mounts may need permission adjustments depending on your setup.

  • enhancementOptimize memory usage with stale series compaction

    Enable experimental `stale_series_compaction_threshold` in your config to automatically compact stale series in memory, reducing memory footprint for workloads with high series churn. Start with conservative thresholds and monitor memory usage patterns.

  • enhancementBuild custom Prometheus binaries for resource optimization

    Use new build tags `remove_all_sd` and `enable_<sd name>_sd` to create smaller Prometheus binaries containing only the service discovery mechanisms you actually use, reducing binary size and potential attack surface in containerized deployments.

Key changes (5)
  • Distroless Docker image variant with UID/GID 65532 for enhanced security alongside existing busybox image
  • New PromQL fill(), fill_left(), and fill_right() functions for handling missing series with default values
  • Experimental stale series compaction in memory with configurable threshold for TSDB optimization
  • Independent alertmanager sendloops with new alertmanager dimension in notification metrics
  • Modular service discovery build system allowing custom Prometheus builds with only required SDs
Source