5 matches found
CVE-2026-56014
Unauthenticated Cross Site Scripting XSS in Master Slider = 3.11.2 versions...
NPM: vm2 Has a Sandbox Breakout Using Async Generator
NPM: vm2 Has a Sandbox Breakout Using Async Generator vulnerability discovered by ? in WordPress Npm vm2 versions = 3.11.2...
CVE-2026-44009 vm2: Sandbox Breakout Through Null Proto Exception
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, This vulnerability is fixed in 3.11.2...
vm2 安全漏洞
vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.2 had a security vulnerability. This vulnerability stemmed from the neutralizeArraySpeciesBatch method...
CVE-2021-45886
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user such as operator can be used to confirm actions of higher-privileged ones such...