CVE-2025-26042

Published: Mar 17, 2025

Modified: Jan 26, 2026

PUBLISHED

Description

Uptime Kuma >== 1.23.0 has a ReDoS vulnerability, specifically when an administrator creates a notification through the web service. If a string is provided it triggers catastrophic backtracking in the regular expression, leading to a ReDoS attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/louislam/uptime-kuma/issues/5574

https://github.com/louislam/uptime-kuma/pull/5573

https://github.com/louislam/uptime-kuma/commit/7a9191761dbef6551c2a0aa6eed5f693ba48d688

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-26042

Description

Affected Products

References