CVE-2026-47701: OpenTelemetry Operator for Kubernetes's ServiceMonitor bearerTokenFile reads arbitrary local file and sends contents as bearer auth

OpenTelemetry Operator’s TargetAllocator watches ServiceMonitor resources via the Prometheus Operator CR watcher and converts each selected endpoint into a Prometheus scrape configuration entry. The endpoint field bearerTokenFile is preserved through the conversion as HTTPClientConfig.Authorization.CredentialsFile. The OpenTelemetry Collector, configured with the Prometheus receiver, then loads that scrape config and, at scrape time, reads the file from its own pod filesystem and sends the contents as Authorization: Bearer ... to the scrape endpoint.

A tenant who can create or update a ServiceMonitor selected by TargetAllocator can set bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token and a scrape target the tenant controls. The Collector then ships its mounted service account JWT to that target on every scrape interval.

The Prometheus Operator project addressed the same primitive via the ArbitraryFSAccessThroughSMs.Deny admission/runtime guard.