Security Advisory

CVE-2026-27728

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-25 16:25:09

Last updated 2026-02-25 20:19:55

Assigner GitHub_M

State PUBLISHED

Description

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.7, an OS command injection vulnerability in `NetworkPathMonitor.performTraceroute()` allows any authenticated project user to execute arbitrary operating system commands on the Probe server by injecting shell metacharacters into a monitors destination field. Version 10.0.7 fixes the vulnerability.

← Browse all CVEs View on cve.org ↗