Description
Describe the bug: a clear and concise description of what the bug is.
We identified that the usage of hostPID in your Kubernetes manifest enables unauthorized namespace access and container introspection. Processes inside the container can observe or interfere with other workloads running on the node, violating container isolation.
We provide supporting evidence from Kubernetes Pod Security Standards (Baseline & Restricted) and https://github.com/BishopFox/badPods/tree/main/manifests/hostpid which explicitly discourage hostPID: true unless absolutely required, due to risk of privilege escalation and information disclosure.
| Template line | values.yaml |
| --- | --- |
| hostPID: {{ .Values.hostPID }} | hostPID: true |
| hostPID: {{ .Values.hostPID }} | hostPID: true |
| hostPID: {{ .Values.hostPID }} | hostPID: true |
Expected Behavior:
Do not set hostPID: true unless absolutely required.
What's your helm version?
3.15
What's your kubectl version?
1.28
Which chart?
prometheus-node-exporter, prometheus-systemd-exporter, prometheus-windows-exporter
What's the chart version?
prometheus-node-exporter-v4.48.0, prometheus-systemd-exporter-v0.5.1, prometheus-windows-exporter-v0.12.2
What happened?
No response
What did you expect to happen?
No response
How to reproduce it?
No response
Enter the changed values of values.yaml.
No response
Enter the command that you executed which is failing or misfunctioning.
NA
Anything else we need to know?
No response
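A defender-side check for the condition this issue reports, added here as an example and not code from the issue or from the prometheus-community charts: it reads the JSON that `kubectl get pods -A -o json` prints and lists every pod sharing a host namespace (hostPID, hostNetwork or hostIPC, all of which the Pod Security Standards baseline profile forbids). The PodList embedded below is constructed for the example.

```python
"""Audit a kubectl PodList (JSON) for pods that share host namespaces.

Added example, not code from the issue or the prometheus-community charts.
Input is the output of `kubectl get pods -A -o json`; the PodList below is
constructed for this example.
"""
import json

# The Pod Security Standards "baseline" profile forbids all three flags.
HOST_NS_FIELDS = ("hostPID", "hostNetwork", "hostIPC")


def host_namespace_findings(podlist_json: str) -> list[dict]:
    """Return one finding per pod that enables any host namespace flag."""
    findings = []
    for pod in json.loads(podlist_json).get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        # Only an explicit `true` shares the namespace; absent or false is fine.
        enabled = [f for f in HOST_NS_FIELDS if spec.get(f) is True]
        if enabled:
            findings.append({
                "namespace": meta.get("namespace", "default"),
                "name": meta.get("name", "<unnamed>"),
                "flags": enabled,
                # Any host namespace flag already violates baseline.
                "violates_baseline": True,
            })
    return findings


# Constructed sample: one exporter pod with host namespaces on, one plain pod.
SAMPLE_PODLIST = json.dumps({
    "kind": "PodList",
    "items": [
        {"metadata": {"namespace": "monitoring", "name": "node-exporter-abcde"},
         "spec": {"hostPID": True, "hostNetwork": True, "containers": []}},
        {"metadata": {"namespace": "default", "name": "web-0"},
         "spec": {"hostPID": False, "containers": []}},
    ],
})

if __name__ == "__main__":
    for finding in host_namespace_findings(SAMPLE_PODLIST):
        print(f"{finding['namespace']}/{finding['name']}: "
              f"{', '.join(finding['flags'])} (violates baseline)")
```

Run it against a real cluster with `kubectl get pods -A -o json | python3 audit.py` after replacing `SAMPLE_PODLIST` with `sys.stdin.read()`; each reported pod should be checked against its chart's values to confirm the flag is genuinely required.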