VYPR
Critical severity9.9NVD Advisory· Published May 27, 2026· Updated Jun 1, 2026

CVE-2026-45102

CVE-2026-45102

Description

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Oneuptime/Oneuptimeinferred2 versions
    <10.0.98+ 1 more
    • (no CPE)range: <10.0.98
    • (no CPE)range: <10.0.98

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.