CVE-2026-45102EPSS p18.0%

CVE-2026-45102CVE-2026-45102

Description

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98.

Scoring

CVSS 9.9 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS0.27% probability of exploitation · percentile 18.0% · 2026-06-19T12:03:05Z
Last modified2026-06-01

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-27574
CVE
CVE-2026-30887
CVE
CVE-2026-35053
CVE
CVE-2026-33396
CVE
CVE-2026-30957
CVE
CVE-2026-30920
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.