@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +21 more potentially affected by CVE-2026-43998 via vm2 (>=3.0.0 <=3.10.5)

vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =1.66.16, =1.66.16, =1.72.1 and more Source cves: CVE-2026-43998 Source advisory: SNYK:JS-VM2-16439013...

CVE-2026-43998

creationtimestamp| type| source ---|---|--- 2026-05-01 20:45:09+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-cp6g-6699-wx9c 2026-05-13 22:18:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlrdihdlff2c 2026-05-18 07:07:08+00:00|...