UNKNOWNCVE-2026-34758

OneUptime: Missing Authentication on Notification Endpoints

Platform

other

Component

oneuptime

Fixed in

10.0.42

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, unauthenticated access to Notification test and Phone Number management endpoints allows SMS/Call/Email/WhatsApp abuse and phone number purchase. This issue has been patched in version 10.0.42.

How to fix

Actualice OneUptime a la versión 10.0.42 o superior. Esta versión corrige la falta de autenticación en los endpoints de notificación, previniendo el abuso de SMS/Llamadas/Email/WhatsApp y la compra no autorizada de números de teléfono.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free