CVE-2026-48546

KanaDojo before 0.1.18 contains a sandbox-escape RCE in the issue-auto-respond.yml workflow. The root cause is explicit passing of the global require into a Node.js vm.runInNewContext() sandbox, allowing an attacker to modify messages.cjs to import arbitrary Node.js modules and achieve remote cod...

CVE-2026-45102

CVE-2026-45102 concerns OneUptime, an open-source monitoring platform. Prior to version 10.0.98, OneUptime used Node.js vm module as an isolation primitive, which is not intended for security boundaries and can be escaped via error objects and infinite recursion, potentially enabling remote code ...

CVE-2026-45102 OneUptime: RCE due to Node.js' vm module escape via error objects and infinite recursion

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. This vulnerability is fixed in 10.0.98...

CVE-2026-34156

NocoBase exposes a sandbox escape in the Workflow Script Node: an attacker can traverse the sandbox through the host console object (console._stdout/console._stderr) prototype chain to reach the Function constructor, access process, require child_process, and achieve Remote Code Execution as root...