Skip to main content

Uptime Kuma

9 CVEs product

Monthly

CVE-2023-49805 HIGH POC PATCH This Week

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Dockge Uptime Kuma
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-49804 npm HIGH PATCH This Week

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Session Fixation Authentication Bypass Dockge Uptime Kuma
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-49276 npm MEDIUM POC PATCH This Month

Uptime Kuma is an open source self-hosted monitoring tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google XSS Uptime Kuma
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-44400 npm HIGH POC PATCH This Week

Uptime Kuma is a self-hosted monitoring tool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Uptime Kuma
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-36822 npm HIGH POC PATCH This Week

Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions prior to 1.22.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Uptime Kuma
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2023-36821 npm HIGH POC PATCH This Week

Uptime Kuma, a self-hosted monitoring tool, allows an authenticated attacker to install a maliciously crafted plugin in versions prior to 1.22.1, which may lead to remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Node.js RCE Uptime Kuma
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2023-26777 MEDIUM This Month

Cross Site Scripting vulnerability found in : louislam Uptime Kuma v.1.19.6 and before allows a remote attacker to execute arbitrary commands via the description, title, footer, and incident creation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uptime Kuma
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-25811 MEDIUM POC This Month

Uptime Kuma is a self-hosted monitoring tool. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Uptime Kuma
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-25810 MEDIUM This Month

Uptime Kuma is a self-hosted monitoring tool. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Uptime Kuma
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Dockge Uptime Kuma
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Uptime Kuma is an easy-to-use self-hosted monitoring tool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Session Fixation Authentication Bypass Dockge +1
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

Uptime Kuma is an open source self-hosted monitoring tool. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google XSS Uptime Kuma
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

Uptime Kuma is a self-hosted monitoring tool. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Uptime Kuma
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC PATCH This Week

Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions prior to 1.22.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Uptime Kuma
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

Uptime Kuma, a self-hosted monitoring tool, allows an authenticated attacker to install a maliciously crafted plugin in versions prior to 1.22.1, which may lead to remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Node.js RCE Uptime Kuma
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting vulnerability found in : louislam Uptime Kuma v.1.19.6 and before allows a remote attacker to execute arbitrary commands via the description, title, footer, and incident creation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Uptime Kuma
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Uptime Kuma is a self-hosted monitoring tool. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Uptime Kuma
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Uptime Kuma is a self-hosted monitoring tool. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Uptime Kuma
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy