GHSA-H343-GG57-2Q67: CVE-2026-27574: Remote Code Execution in OneUptime Probe via VM Sandbox Escape

via Dev.to, CVE Reports

Vulnerability ID: GHSA-H343-GG57-2Q67
CVSS Score: 10.0
Published: 2026-03-07

A critical Remote Code Execution (RCE) vulnerability exists in the OneUptime Probe component due to unsafe execution of user-supplied JavaScript. The application uses the standard Node.js vm module to run Synthetic Monitors; that module provides a separate JavaScript context but not a security boundary. Authenticated attackers, including low-privileged project members, can break out of the sandbox by walking the prototype chain from a host object to the host realm's Function constructor and so reach the host process. This grants full access to the underlying server and to critical cluster credentials, including database passwords and the master secret.

TL;DR

The OneUptime Probe executes user-defined monitoring scripts using the insecure Node.js vm module. Attackers can escape this sandbox via this.constructor.constructor, gaining full RCE on the host and access to all cluster secrets. Fixed in version 10.0.5 by migrati

Continue reading on Dev.to
