Lucene search
+L

5 matches found

nvd
nvd
added 2026/06/25 2:16 p.m.8 views

CVE-2026-56014

Unauthenticated Cross Site Scripting XSS in Master Slider = 3.11.2 versions...

7.1CVSS0.00175EPSS
Exploits0References1
patchstack
patchstack
added 2026/05/14 9:14 p.m.35 views

NPM: vm2 Has a Sandbox Breakout Using Async Generator

NPM: vm2 Has a Sandbox Breakout Using Async Generator vulnerability discovered by ? in WordPress Npm vm2 versions = 3.11.2...

9.8CVSS5.8AI score0.00568EPSS
Exploits1References5Affected Software1
vulnrichment
vulnrichment
added 2026/05/13 5:36 p.m.10 views

CVE-2026-44009 vm2: Sandbox Breakout Through Null Proto Exception

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, This vulnerability is fixed in 3.11.2...

9.8CVSS6AI score0.00812EPSS
Exploits1References1
cnnvd
cnnvd
added 2026/05/13 12:0 a.m.10 views

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using Node’s built-in modules listed in the allowlist. Versions of vm2 prior to 3.11.2 had a security vulnerability. This vulnerability stemmed from the neutralizeArraySpeciesBatch method...

9.8CVSS6.2AI score0.00851EPSS
Exploits1References1
attackerkb
attackerkb
added 2022/03/13 2:15 a.m.4 views

CVE-2021-45886

An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user such as operator can be used to confirm actions of higher-privileged ones such...

8.8CVSS7.4AI score0.00546EPSS
Exploits1References3
Rows per page
Query Builder