
louislam — Vulnerabilities & Security Advisories (11)

Browse all 11 CVE security advisories affecting louislam. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Louis Lam develops open-source backup solutions, primarily for Docker environments, with his Time Machine-inspired tool serving as a core use case for containerized data protection. Historically, vulnerabilities associated with this project include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. The project has addressed multiple critical security issues, including authentication bypasses and path traversal vulnerabilities, with patches released promptly upon discovery. While no major public security incidents have been documented, the consistent discovery of new CVEs underscores the importance of regular updates and security hardening for production deployments.

Top products by louislam: uptime-kuma
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-33130 | Uptime Kuma: SSTI in Notification Templates Allows Arbitrary File Read (Incomplete Fix for GHSA-vffh-c9pq-4crh) | uptime-kuma | CWE-98 | 6.5 | Medium | 2026-03-20 |
| CVE-2026-32230 | Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page | uptime-kuma | CWE-862 | 5.3 | Medium | 2026-03-12 |
| CVE-2024-56331 | Local File Inclusion (LFI) via Improper URL Handling in uptime-kuma's `Real-Browser` monitor | uptime-kuma | CWE-22 | 6.8 | Medium | 2024-12-20 |
| CVE-2023-49805 | Uptime Kuma Missing Origin Validation in WebSockets | uptime-kuma | CWE-1385 | 6.0 | Medium | 2023-12-11 |
| CVE-2023-49804 | Uptime Kuma Password Change Vulnerability | uptime-kuma | CWE-384 | 6.7 | Medium | 2023-12-11 |
| CVE-2023-49276 | Attribute Injection leading to XSS(Cross-Site-Scripting) in uptime-kuma | uptime-kuma | CWE-79 | 6.3 | Medium | 2023-12-01 |
| CVE-2023-44400 | Uptime Kuma has Persistentent User Sessions | uptime-kuma | CWE-384 | 6.7 | Medium | 2023-10-09 |
| CVE-2023-36822 | Uptime Kuma authenticated path traversal via plugin repository name may lead to unavailability or data loss | uptime-kuma | CWE-22 | 6.5 | Medium | 2023-07-05 |
| CVE-2023-36821 | Uptime Kuma vulnerable to authenticated remote code execution via malicious plugin installation | uptime-kuma | CWE-20 | 8.8 | High | 2023-07-05 |
| CVE-2023-25811 | Persistent Cross site scripting (XSS) in Uptime Kuma | uptime-kuma | CWE-79 | 6.3 | Medium | 2023-02-21 |
| CVE-2023-25810 | Persistent Cross site scripting (XSS) through description in status page in Uptime Kuma | uptime-kuma | CWE-79 | 6.3 | Medium | 2023-02-21 |

This page lists every published CVE security advisory associated with louislam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.