CVE-2026-32598

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-32598

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32598.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-32598

Aliases

GHSA-4524-cj9j-g4fj

Published

2026-03-12T21:31:12.776Z

Modified

2026-04-10T05:42:23.615790Z

Severity

6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator

Summary

OneUptime: Password Reset Token Logged at INFO Level

Details

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.24, the password reset flow logs the complete password reset URL — containing the plaintext reset token — at INFO log level, which is enabled by default in production. Anyone with access to application logs (log aggregation, Docker logs, Kubernetes pod logs) can intercept reset tokens and perform account takeover on any user. This vulnerability is fixed in 10.0.24.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32598.json",
    "cwe_ids": [
        "CWE-532"
    ],
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/oneuptime/oneuptime

Affected ranges

Type: GIT
Repo: https://github.com/oneuptime/oneuptime
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a8a9022ea2e2e1e83af391db597e06526bd93ece

Affected versions

Other

${CI_PIPELINE_ID}

build-number-6149

build-number-6151

build-number-6206

build-number-6214

build-number-6343

build-number-6345

build-number-6372

build-number-6390

build-number-6393

build-number-6402

build-number-6408

build-number-6480

build-number-6484

10.*

10.0.11

10.0.15

10.0.16

10.0.17

10.0.18

10.0.20

10.0.21

10.0.22

10.0.23

10.0.5

10.0.7

6.*

6.0.$CI_PIPELINE_ID

6.0.1

6.0.12

6.0.14

6.0.15

6.0.17

6.0.18

6.0.19

6.0.2

6.0.20

6.0.21

6.0.22

6.0.23

6.0.24

6.0.25

6.0.26

6.0.27

7.*

7.0.1000

7.0.1004

7.0.1039

7.0.104

7.0.1055

7.0.106

7.0.1078

7.0.109

7.0.1093

7.0.11

7.0.112

7.0.114

7.0.1143

7.0.1144

7.0.1167

7.0.1174

7.0.1183

7.0.1184

7.0.1191

7.0.1192

7.0.1195

7.0.122

7.0.1225

7.0.1229

7.0.123

7.0.1230

7.0.1243

7.0.1246

7.0.126

7.0.1265

7.0.1290

7.0.1297

7.0.130

7.0.131

7.0.1326

7.0.1327

7.0.134

7.0.1341

7.0.1353

7.0.137

7.0.1375

7.0.1377

7.0.1378

7.0.1379

7.0.1383

7.0.139

7.0.141

7.0.1430

7.0.1436

7.0.144

7.0.1441

7.0.1461

7.0.1469

7.0.149

7.0.1491

7.0.1494

7.0.1500

7.0.1502

7.0.1505

7.0.1506

7.0.1510

7.0.1513

7.0.1514

7.0.1517

7.0.1528

7.0.1529

7.0.1544

7.0.1555

7.0.1557

7.0.1568

7.0.1581

7.0.1585

7.0.1586

7.0.160

7.0.162

7.0.1633

7.0.1637

7.0.1638

7.0.1642

7.0.1643

7.0.165

7.0.167

7.0.1688

7.0.169

7.0.1694

7.0.1697

7.0.1708

7.0.1709

7.0.1717

7.0.173

7.0.1740

7.0.1741

7.0.1744

7.0.1745

7.0.1751

7.0.1752

7.0.1758

7.0.1767

7.0.1769

7.0.1780

7.0.1787

7.0.179

7.0.1790

7.0.1791

7.0.1792

7.0.1794

7.0.1797

7.0.18

7.0.1800

7.0.1803

7.0.1814

7.0.1815

7.0.182

7.0.1829

7.0.183

7.0.1830

7.0.1843

7.0.1852

7.0.1854

7.0.1856

7.0.1858

7.0.1860

7.0.1862

7.0.1866

7.0.1867

7.0.1870

7.0.1871

7.0.1874

7.0.1880

7.0.1881

7.0.1886

7.0.1888

7.0.1891

7.0.1894

7.0.1901

7.0.1902

7.0.1910

7.0.1929

7.0.193

7.0.1930

7.0.1931

7.0.1934

7.0.1935

7.0.1940

7.0.1945

7.0.1965

7.0.1966

7.0.197

7.0.1978

7.0.1982

7.0.1987

7.0.200

7.0.2009

7.0.201

7.0.2012

7.0.2014

7.0.2016

7.0.2018

7.0.2032

7.0.2033

7.0.204

7.0.2051

7.0.2055

7.0.2057

7.0.2062

7.0.2063

7.0.2066

7.0.2084

7.0.2086

7.0.2088

7.0.21

7.0.2118

7.0.213

7.0.2171

7.0.2186

7.0.219

7.0.2190

7.0.2191

7.0.2195

7.0.2196

7.0.2200

7.0.2207

7.0.2223

7.0.2224

7.0.2231

7.0.2233

7.0.2237

7.0.2239

7.0.224

7.0.2240

7.0.2243

7.0.2246

7.0.2270

7.0.228

7.0.231

7.0.2319

7.0.2320

7.0.2327

7.0.2335

7.0.2341

7.0.2346

7.0.2349

7.0.2354

7.0.2358

7.0.2361

7.0.2363

7.0.2371

7.0.2372

7.0.2377

7.0.239

7.0.2401

7.0.2402

7.0.2410

7.0.2446

7.0.2448

7.0.2449

7.0.2471

7.0.2473

7.0.2475

7.0.2476

7.0.2478

7.0.2479

7.0.2482

7.0.2487

7.0.2509

7.0.2525

7.0.2550

7.0.2571

7.0.2572

7.0.2574

7.0.2589

7.0.2620

7.0.2625

7.0.2628

7.0.2639

7.0.2643

7.0.2666

7.0.2721

7.0.2725

7.0.2730

7.0.2774

7.0.2825

7.0.2828

7.0.2832

7.0.2837

7.0.2846

7.0.2873

7.0.2875

7.0.2885

7.0.290

7.0.2901

7.0.2908

7.0.291

7.0.2913

7.0.2920

7.0.2923

7.0.2928

7.0.2936

7.0.294

7.0.296

7.0.297

7.0.2972

7.0.2976

7.0.298

7.0.2994

7.0.3010

7.0.3018

7.0.3035

7.0.3038

7.0.3040

7.0.3052

7.0.3064

7.0.3076

7.0.3080

7.0.3086

7.0.3095

7.0.3113

7.0.3124

7.0.3126

7.0.3129

7.0.3140

7.0.3148

7.0.3153

7.0.3158

7.0.3163

7.0.3176

7.0.318

7.0.3188

7.0.3198

7.0.3206

7.0.321

7.0.3211

7.0.3212

7.0.3225

7.0.3227

7.0.3237

7.0.3240

7.0.3242

7.0.3245

7.0.3250

7.0.3260

7.0.3278

7.0.3279

7.0.3291

7.0.3300

7.0.3309

7.0.3330

7.0.3336

7.0.3338

7.0.3343

7.0.335

7.0.3350

7.0.3351

7.0.3357

7.0.336

7.0.3365

7.0.3377

7.0.3387

7.0.339

7.0.3393

7.0.3403

7.0.3405

7.0.341

7.0.3413

7.0.3426

7.0.3437

7.0.344

7.0.3442

7.0.3445

7.0.3448

7.0.3453

7.0.3456

7.0.346

7.0.3464

7.0.3471

7.0.348

7.0.3480

7.0.35

7.0.350

7.0.3515

7.0.3517

7.0.352

7.0.3526

7.0.3538

7.0.354

7.0.3546

7.0.3548

7.0.3549

7.0.355

7.0.3557

7.0.3565

7.0.3579

7.0.358

7.0.3599

7.0.360

7.0.361

7.0.3611

7.0.3617

7.0.362

7.0.363

7.0.365

7.0.3652

7.0.366

7.0.367

7.0.3679

7.0.368

7.0.3682

7.0.3688

7.0.369

7.0.3691

7.0.3697

7.0.3699

7.0.3705

7.0.3708

7.0.3786

7.0.38

7.0.3822

7.0.3826

7.0.3831

7.0.3840

7.0.3882

7.0.3887

7.0.39

7.0.3903

7.0.3911

7.0.3914

7.0.3918

7.0.3922

7.0.3928

7.0.3930

7.0.3935

7.0.3939

7.0.3949

7.0.395

7.0.3952

7.0.3956

7.0.3958

7.0.3962

7.0.3965

7.0.3966

7.0.3970

7.0.3974

7.0.3975

7.0.3976

7.0.398

7.0.3980

7.0.3987

7.0.399

7.0.3993

7.0.4019

7.0.403

7.0.4034

7.0.404

7.0.4041

7.0.4066

7.0.407

7.0.4078

7.0.4084

7.0.409

7.0.4090

7.0.4093

7.0.4098

7.0.4099

7.0.410

7.0.4100

7.0.4102

7.0.4114

7.0.4115

7.0.4116

7.0.4123

7.0.4129

7.0.413

7.0.4135

7.0.414

7.0.4142

7.0.4144

7.0.4148

7.0.4150

7.0.4156

7.0.4158

7.0.416

7.0.4161

7.0.4166

7.0.4176

7.0.4188

7.0.419

7.0.4193

7.0.4194

7.0.422

7.0.4222

7.0.4223

7.0.4226

7.0.4227

7.0.423

7.0.4230

7.0.4232

7.0.4235

7.0.4239

7.0.4245

7.0.4248

7.0.4250

7.0.4255

7.0.4257

7.0.426

7.0.4260

7.0.427

7.0.431

7.0.4310

7.0.4312

7.0.4313

7.0.432

7.0.4341

7.0.4344

7.0.4345

7.0.4346

7.0.4349

7.0.437

7.0.438

7.0.4395

7.0.4415

7.0.4453

7.0.4518

7.0.4541

7.0.4543

7.0.4547

7.0.4578

7.0.4585

7.0.4588

7.0.4596

7.0.4597

7.0.4604

7.0.4652

7.0.4660

7.0.4663

7.0.4665

7.0.4671

7.0.4676

7.0.4699

7.0.47

7.0.4717

7.0.4720

7.0.4741

7.0.4748

7.0.4751

7.0.4758

7.0.4762

7.0.4763

7.0.4766

7.0.4771

7.0.4773

7.0.4808

7.0.4810

7.0.4813

7.0.4815

7.0.4816

7.0.4825

7.0.4829

7.0.4832

7.0.4836

7.0.4844

7.0.4845

7.0.4848

7.0.4849

7.0.4868

7.0.4877

7.0.4917

7.0.4922

7.0.4972

7.0.4976

7.0.4978

7.0.4981

7.0.5029

7.0.5045

7.0.5058

7.0.5065

7.0.5068

7.0.5069

7.0.5077

7.0.5079

7.0.5080

7.0.5096

7.0.5098

7.0.5108

7.0.528

7.0.529

7.0.53

7.0.530

7.0.533

7.0.534

7.0.537

7.0.538

7.0.54

7.0.542

7.0.543

7.0.546

7.0.548

7.0.549

7.0.55

7.0.551

7.0.556

7.0.557

7.0.559

7.0.56

7.0.563

7.0.566

7.0.567

7.0.568

7.0.57

7.0.572

7.0.580

7.0.581

7.0.586

7.0.587

7.0.590

7.0.591

7.0.592

7.0.595

7.0.596

7.0.599

7.0.601

7.0.602

7.0.606

7.0.608

7.0.612

7.0.613

7.0.616

7.0.617

7.0.620

7.0.621

7.0.622

7.0.625

7.0.626

7.0.629

7.0.636

7.0.640

7.0.645

7.0.647

7.0.650

7.0.653

7.0.654

7.0.657

7.0.658

7.0.662

7.0.664

7.0.67

7.0.69

7.0.71

7.0.72

7.0.723

7.0.724

7.0.725

7.0.729

7.0.730

7.0.734

7.0.738

7.0.739

7.0.743

7.0.747

7.0.748

7.0.75

7.0.753

7.0.755

7.0.756

7.0.759

7.0.76

7.0.761

7.0.762

7.0.765

7.0.766

7.0.774

7.0.775

7.0.778

7.0.782

7.0.79

7.0.791

7.0.796

7.0.797

7.0.8

7.0.804

7.0.81

7.0.810

7.0.813

7.0.814

7.0.817

7.0.818

7.0.82

7.0.823

7.0.834

7.0.835

7.0.838

7.0.841

7.0.844

7.0.85

7.0.859

7.0.86

7.0.865

7.0.89

7.0.890

7.0.892

7.0.894

7.0.90

7.0.905

7.0.907

7.0.911

7.0.912

7.0.918

7.0.927

7.0.929

7.0.931

7.0.943

7.0.944

7.0.948

7.0.949

7.0.953

7.0.954

7.0.955

7.0.959

7.0.961

7.0.965

7.0.966

7.0.972

7.0.973

7.0.977

7.0.979

7.0.98

7.0.984

8.*

8.0.5124

8.0.5125

8.0.5129

8.0.5151

8.0.5159

8.0.5163

8.0.5167

8.0.5174

8.0.5181

8.0.5185

8.0.5199

8.0.5209

8.0.5219

8.0.5220

8.0.5237

8.0.5239

8.0.5312

8.0.5341

8.0.5353

8.0.5355

8.0.5358

8.0.5359

8.0.5362

8.0.5403

8.0.5409

8.0.5416

8.0.5438

8.0.5440

8.0.5466

8.0.5469

8.0.5489

8.0.5496

8.0.5516

8.0.5567

8.0.5570

8.0.5571

8.0.5572

8.0.5574

8.0.5579

8.0.5580

8.0.5584

9.*

9.0.5598

9.1.0

9.1.1

9.1.2

9.1.3

9.2.10

9.2.11

9.2.12

9.2.4

9.2.7

9.2.8

9.2.9

9.3.0

9.3.11

9.3.13

9.3.14

9.3.15

9.3.16

9.3.19

9.3.2

9.3.22

9.3.3

9.3.4

9.3.6

9.3.7

9.3.8

9.4.0

9.4.1

9.4.11

9.4.13

9.4.2

9.4.3

9.5.0

9.5.13

9.5.2

9.5.3

9.5.8

v4.*

v4.0.0

v4.0.1

v4.0.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-32598.json"