CVE-2026-32306 | oneuptime up to 10.0.22 Telemetry Aggregation API append sql injection

A vulnerability marked as critical has been reported in oneuptime up to 10.0.22. Impacted is the function append of the component Telemetry Aggregation API. The manipulation of the argument aggregationType/aggregateColumnName/aggregationTimestampColumnName leads to sql injection.

This vulnerability is referenced as CVE-2026-32306. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More