CVE-2026-30887— OneUptime 安全漏洞

OneUptime Affected by Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCE

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.18, OneUptime allows project members to run custom Playwright/JavaScript code via Synthetic Monitors to test websites. However, the system executes this untrusted user code inside the insecure Node.js vm module. By leveraging a standard prototype-chain escape (this.constructor.constructor), an attacker can bypass the sandbox, gain access to the underlying Node.js process object, and execute arbitrary system commands (RCE) on the oneuptime-probe container. Furthermore, because the probe holds database/cluster credentials in its environment variables, this directly leads to a complete cluster compromise. This vulnerability is fixed in 10.0.18.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

对生成代码的控制不恰当(代码注入)

OneUptime 安全漏洞

OneUptime是OneUptime开源的一个全面的解决方案。用于监控和管理您的在线服务。 OneUptime 10.0.18之前版本存在安全漏洞，该漏洞源于在不安全的Node.js vm模块中执行不受信任的用户代码，可能导致沙箱绕过、远程代码执行和集群完全破解。

N/A

N/A