3 matches found
@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +23 more potentially affected by CVE-2026-47131 via vm2 (>=3.0.0 <=3.11.3)
vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.0.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =0.1.65 and more Source cves: CVE-2026-47131 Source advisory: SNYK:JS-VM2-17111319...
org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-47131 via org.webjars.npm:vm2 (=3.9.19)
org.webjars.npm:vm2 MAVEN version =3.9.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vm2 and may be impacted: - org.webjars.npm:degenerator =4.0.4 - org.webjars.npm:pac-resolver =6.0.2 - org.webjars.npm:rocket.chatapps-engine =1.35...
CVE-2026-47131
creationtimestamp| type| source ---|---|--- 2026-05-18 12:45:44+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-v6mx-mf47-r5wg 2026-07-09 07:50:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mq75jnrniv24...