@oneuptime/common
This hub aggregates every CVE we track for @oneuptime/common, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
4
Critical
3
High
0
In CISA KEV
Severity distribution
CRITICAL4HIGH3MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
2
4
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting @oneuptime/common.
- CVE-2026-30959OneUptime has WhatsApp Resend Verification Authorization Bypass5.0
- CVE-2026-30957OneUptime Synthetic Monitor RCE via exposed Playwright browser object9.9
- CVE-2026-30956OneUptime has authorization bypass via client‑controlled is-multi-tenant-query header9.9
- CVE-2026-28787OneUptime has WebAuthn 2FA bypass: server accepts client-supplied challenge instead of server-stored value, allowing credential replay8.2
- CVE-2026-27728OneUptime: OS Command Injection in Probe NetworkPathMonitor via unsanitized destination in traceroute exec()9.9
- CVE-2026-27574OneUptime: node:vm sandbox escape in probe allows any project member to achieve RCE9.9
- CVE-2025-66028OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation8.2
- CVE-2025-65966OneUptime Unauthorized User Creation via API8.1
Product normalization is registry-driven with AI assist and human review. How it works