OsVault/npm/uptime-kuma
npm

uptime-kuma

5 known vulnerabilities · 0 critical · 0 high

CVE-2025-26042

Uptime Kuma's Regular Expression in pushdeeer and whapi file Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

Published Mar 31, 2025
CVE-2026-32230

Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page

Published Mar 12, 2026
CVE-2023-49804MEDIUM

Password Change Vulnerability

Published Dec 12, 2023
GHSA-vffh-c9pq-4crh

Uptime Kuma Server-side Template Injection (SSTI) in Notification Templates Allows Arbitrary File Read

Published Oct 20, 2025
CVE-2023-44400MEDIUM

Uptime Kuma has Persistentent User Sessions

Published Oct 10, 2023
Check your entire dependency tree at onceRun dependency scan →