CVE-2026-33396
Remote Code Execution via Playwright Sandbox Bypass in OneUptime Probe
Publication date: 2026-03-26
Last updated on: 2026-03-26
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hackerbay | oneuptime | up to 10.0.35 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-693 | The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. |
| CWE-184 | The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete. |
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-33396 is a critical sandbox escape vulnerability in the Synthetic Monitor Playwright runtime of the OneUptime platform prior to version 10.0.35. It allows a low-privileged authenticated user (ProjectMember) to execute arbitrary commands remotely on the Probe container or host. This happens because the Synthetic Monitor code runs inside a VM with a live Playwright page object in context, but the sandbox's denylist of blocked properties and methods is incomplete. Specifically, properties like `_browserType` and the method `launchServer` are not blocked, enabling attacker-controlled code to traverse the object chain `page.context().browser()._browserType.launchServer(...)` and spawn arbitrary processes on the host.
How can this vulnerability impact me?
This vulnerability allows any project member with rights to create Synthetic Monitors to achieve remote code execution (RCE) on the Probe host. This means an attacker can run arbitrary shell commands on the host system without user interaction and with low privileges. The impact is severe, compromising the confidentiality, integrity, and availability of the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether your system is running a vulnerable version of OneUptime prior to 10.0.35 or @oneuptime/probe prior to 3.0.2. Additionally, monitoring for suspicious Synthetic Monitor Playwright scripts that attempt to access the property chain `page.context().browser()._browserType.launchServer(...)` can indicate exploitation attempts.
Since the exploit involves executing arbitrary commands on the Probe container or host, you can look for unusual process executions spawned by the Probe service, such as unexpected /bin/sh commands.
Suggested commands to detect potential exploitation attempts include:
- Check the version of OneUptime or @oneuptime/probe installed:
  - For OneUptime: `oneuptime --version` or check package.json dependencies.
  - For @oneuptime/probe: `npm list @oneuptime/probe` or check installed package versions.
- Monitor running processes for suspicious child processes spawned by the Probe container:
  - `ps aux | grep probe` to identify Probe processes.
  - `pstree -p` to view process trees and spot unexpected shells or commands spawned.
- Check logs for Synthetic Monitor creations or executions that include Playwright scripts invoking `launchServer` or similar methods.
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade OneUptime to version 10.0.35 or later, which contains a patch that enhances the sandbox denylist to block the properties and methods that enable this sandbox escape.
Specifically, the patch blocks access to `_browserType`, `launchServer`, and `connect` properties/methods in the VMRunner sandbox, preventing attackers from spawning arbitrary processes.
If upgrading immediately is not possible, restrict or disable the ability for low-privileged users (ProjectMembers) to create or execute Synthetic Monitors that run Playwright scripts, as this is the attack vector.
Additionally, monitor and audit user activities related to Synthetic Monitor creation and execution to detect and respond to suspicious behavior.
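The incomplete-denylist failure described in the explanation above and the patched denylist described in the mitigation, shown side by side as an added example that is not OneUptime's own VMRunner code: the `fakePage` object graph, the `guard` proxy, both denylists and `attemptChain` are constructed stand-ins, and the fake `launchServer` only returns a marker string.

```javascript
// Added example, not OneUptime's VMRunner code: a denylist-based property
// guard over an object graph shaped like Playwright's page -> context ->
// browser chain. The fake launchServer only returns a marker; nothing spawns.

const fakePage = {                                   // constructed stand-in
  goto: () => 'navigated',
  context: () => ({
    browser: () => ({
      _browserType: { launchServer: () => 'MARKER: process would spawn' },
    }),
  }),
};

// Reading a denied property throws; anything reached through the proxy
// (objects and call results) is wrapped the same way.
function guard(target, denied) {
  if (target === null) return target;
  if (typeof target !== 'object' && typeof target !== 'function') return target;
  return new Proxy(target, {
    get(obj, prop) {
      if (denied.has(prop)) throw new Error(`sandbox: access to "${String(prop)}" denied`);
      return guard(obj[prop], denied);
    },
    apply(fn, thisArg, args) {
      return guard(Reflect.apply(fn, thisArg, args), denied);
    },
  });
}

// Constructed to resemble the pre-fix state (CWE-184): the obvious launch
// entry points are listed, but the private _browserType field is not.
const incompleteDenylist = new Set(['launch', 'launchPersistentContext', 'newContext']);
// The entries the advisory says the fix adds.
const patchedDenylist = new Set([...incompleteDenylist, '_browserType', 'launchServer', 'connect']);

// Runs the traversal the advisory describes and reports whether the guard stopped it.
function attemptChain(denied) {
  const page = guard(fakePage, denied);
  try {
    return { blocked: false, result: page.context().browser()._browserType.launchServer() };
  } catch (e) {
    return { blocked: true, reason: e.message };
  }
}

// Ordinary monitor actions must keep working under the stricter list.
function legitimateUse(denied) {
  return guard(fakePage, denied).goto();
}
```

The same `guard` driven by an allowlist of the page methods a monitor actually needs would not depend on enumerating every private field; that is a general design observation, not something the advisory states about the fix.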
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows a low-privileged authenticated user to achieve remote code execution on the Probe container or host, which can lead to a complete compromise of confidentiality, integrity, and availability of the system.
Such a compromise can result in unauthorized access to sensitive data, disruption of services, and potential data breaches, all of which negatively impact compliance with common standards and regulations like GDPR and HIPAA that require strict controls over data confidentiality and system integrity.
Because the vulnerability enables attackers to execute arbitrary commands remotely without user interaction and with low privileges, it poses a significant risk to maintaining regulatory compliance related to data protection and system security.