oneuptime (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package oneuptime, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2026-32306 — CVSS 9.9 (critical): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the telemetry aggregation API accepts…
CVE-2026-33142 — CVSS 8.1 (high): OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 (ClickHouse SQL…
CVE-2026-32308 — CVSS 7.6 (high): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid…
CVE-2026-33143 — CVSS 7.5 (high): OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the WhatsApp POST webhook handler…
CVE-2026-32598 — CVSS 6.5 (medium): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.24, the password reset flow logs the complete password…