Lucene search
K

4 matches found

OSV
OSV
added 2026/06/04 9:5 p.m.7 views

ROOT-APP-NPM-CVE-2026-44001 CVE-2026-44001 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44001 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

8.6CVSS5.8AI score0.00448EPSS
Exploits1
CVE
CVE
added 2026/05/13 5:29 p.m.36 views

CVE-2026-44001

Summary : CVE-2026-44001 affects vm2 before version 3.11.0, where a sandbox escape allows sandboxed code to crash the host Node.js process via an unhandled rejection from a Promise executor. The issue stems from the executor path not being sanitized, even though the earlier CVE-2026-22709 fix add...

8.6CVSS5.9AI score0.00448EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/07 4:10 a.m.8 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-44001 via org.webjars.npm:vm2 (=3.9.19)

org.webjars.npm:vm2 MAVEN version =3.9.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vm2 and may be impacted: - org.webjars.npm:degenerator =4.0.4 - org.webjars.npm:pac-resolver =6.0.2 - org.webjars.npm:rocket.chatapps-engine =1.35...

8.6CVSS5.8AI score0.00448EPSS
Exploits1
Circl
Circl
added 2026/05/01 8:43 p.m.9 views

CVE-2026-44001

creationtimestamp| type| source ---|---|--- 2026-05-01 20:43:31+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-hw58-p9xv-2mjh 2026-05-13 21:45:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlrbn3ni6e2c 2026-05-14 18:37:07+00:00|...

8.6CVSS5.7AI score0.00448EPSS
Exploits1References3
Rows per page
Query Builder