32 matches found
Improper Isolation or Compartmentalization
Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization through the NodeVM constructor in lib/nodevm.js. An attacker can run host commands when th...
vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape
Summary NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve which does not dereference symlinks but module loading uses Node's...
GHSA-947F-4V7F-X2V8 vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape
Summary NodeVM's builtin allowlist can be bypassed when the module builtin is allowed including via the '' wildcard. The module builtin exposes Node's Module.load, which loads any module by name directly in the host context, completely bypassing vm2's builtin restriction. This allows sandboxed co...
PT-2026-38390
Name of the Vulnerable Software and Affected Versions vm2 versions prior to 3.11.0 Description NodeVM's builtin allowlist can be bypassed when the module builtin is allowed, including when the wildcard is used. The module builtin exposes Node's Module. load function, which loads any module by nam...
CVE-2025-34267
Flowise v3.0.1 3.0.8 and all versions after with 'ALLOWBUILTINDEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules Puppeteer and Playwright within the nodevm execution environment. An authenticated attacker...
Arbitrary Command Injection
Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Arbitrary Command Injection via the nodevm execution environment when integrated modules such as Puppeteer or Playwright are used with attacker-controlled browser binary paths and parameters. An authenticat...
Arbitrary Command Injection
Overview flowise-components is a Flowiseai Components Affected versions of this package are vulnerable to Arbitrary Command Injection via the nodevm execution environment when integrated modules such as Puppeteer or Playwright are used with attacker-controlled browser binary paths and parameters...
GHSA-R4HH-PCGX-J5R2 Flowise: Authenticated Command Execution and Sandbox Bypass via Puppeteer and Playwright Packages
Flowise v3.0.1 3.0.8 and all versions after with 'ALLOWBUILTINDEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules Puppeteer and Playwright within the nodevm execution environment. An authenticated attacker...
EUVD-2025-34455
Flowise: Authenticated Command Execution and Sandbox Bypass via Puppeteer and Playwright Packages...
CVE-2025-34267
Flowise v3.0.1 3.0.8 and all versions after with 'ALLOWBUILTINDEP' enabled contain an authenticated remote code execution vulnerability and node VM sandbox escape due to insecure use of integrated modules Puppeteer and Playwright within the nodevm execution environment. An authenticated attacker...
Flowise 安全漏洞
Flowise is a FlowiseAI open source tool for easily building LLM applications. A security vulnerability exists in Flowise, which stems from improper use of integration modules in the nodevm execution environment and could allow an authenticated attacker to bypass sandbox restrictions and execute...
PT-2025-42175
Name of the Vulnerable Software and Affected Versions Flowise versions 3.0.1 through 3.0.7 Flowise versions 3.0.8 and later with 'ALLOW BUILTIN DEP' enabled Description The software contains an authenticated remote code execution issue and a node VM sandbox escape. This is due to insecure use of...