Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 11 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-33130 Uptime Kuma: SSTI in Notification Templates Allows Arbitrary File Read (Incomplete Fix for GHSA-vffh-c9pq-4crh) louislamuptime-kuma Medium 6.5 2026-03-20 09:50:55 Deep Dive
CVE-2026-32230 Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page louislamuptime-kuma Medium 5.3 2026-03-12 18:13:59 Deep Dive
CVE-2024-56331 Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor louislamuptime-kuma Medium 6.8 2024-12-20 19:48:46 Deep Dive
CVE-2023-49805 Uptime Kuma Missing Origin Validation in WebSockets louislamuptime-kuma Medium 6.0 2023-12-11 22:37:05 Deep Dive
CVE-2023-49804 Uptime Kuma Password Change Vulnerability louislamuptime-kuma Medium 6.7 2023-12-11 22:32:33 Deep Dive
CVE-2023-49276 Attribute Injection leading to XSS(Cross-Site-Scripting) in uptime-kuma louislamuptime-kuma Medium 6.3 2023-12-01 22:05:42 Deep Dive
CVE-2023-44400 Uptime Kuma has Persistentent User Sessions louislamuptime-kuma Medium 6.7 2023-10-09 15:15:07 Deep Dive
CVE-2023-36822 Uptime Kuma authenticated path traversal via plugin repository name may lead to unavailability or data loss louislamuptime-kuma Medium 6.5 2023-07-05 21:18:09 Deep Dive
CVE-2023-36821 Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation louislamuptime-kuma High 8.8 2023-07-05 21:14:44 Deep Dive
CVE-2023-25811 Persistent Cross site scripting (XSS) in Uptime Kuma louislamuptime-kuma Medium 6.3 2023-02-21 20:45:40 Deep Dive
CVE-2023-25810 Persistent Cross site scripting (XSS) through description in status page in Uptime Kuma louislamuptime-kuma Medium 6.3 2023-02-21 20:45:38 Deep Dive