Lucene search
K

501 matches found

EUVD
EUVD
added 2026/06/12 2:14 p.m.10 views

EUVD-2026-36440

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the BaseHandler.set trap in bridge.js line 1231 ignores the receiver parameter and unconditionally writes to the host target object. Per the Proxy set trap specification, when receiver !== proxy e.g., when a child object...

8.6CVSS5.2AI score0.00287EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 1:27 p.m.8 views

ROOT-APP-NPM-CVE-2026-47208 CVE-2026-47208 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47208 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS5.4AI score0.0051EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.6 views

ROOT-APP-NPM-CVE-2026-47139 CVE-2026-47139 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47139 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

8.6CVSS5.4AI score0.00282EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.6 views

ROOT-APP-NPM-CVE-2026-47210 CVE-2026-47210 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47210 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

9.8CVSS5.2AI score0.00507EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.10 views

ROOT-APP-NPM-CVE-2026-47140 CVE-2026-47140 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47140 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS5.4AI score0.00536EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.6 views

ROOT-APP-NPM-CVE-2026-47131 CVE-2026-47131 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47131 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS5.2AI score0.004EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.6 views

ROOT-APP-NPM-CVE-2026-47135 CVE-2026-47135 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47135 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

8.7CVSS5.5AI score0.00266EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.7 views

ROOT-APP-NPM-CVE-2026-47209 CVE-2026-47209 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47209 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

8.6CVSS5.4AI score0.00287EPSS
Exploits0
OSV
OSV
added 2026/06/12 1:27 p.m.9 views

ROOT-APP-NPM-CVE-2026-47137 CVE-2026-47137 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47137 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS5.5AI score0.00382EPSS
Exploits0
Veracode
Veracode
added 2026/06/10 2:27 p.m.14 views

Sandbox Escape

vm2 is vulnerable to Sandbox Escape. The vulnerability is due to incomplete protection of dangerous cross-realm symbols in setup-sandbox.js and missing validation in the bridge's set, defineProperty, and deleteProperty traps. This allows sandboxed code to obtain and manipulate real cross-realm...

8.7CVSS6.2AI score0.00266EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.10 views

CVE-2026-44003

A flaw was found in vm2 before 3.11.0. A code transformer fast-path skips AST analysis when catch, import, and async are absent, allowing direct access to VM2INTERNALSTATEDONOTUSEORPROGRAMWILLFAIL and internal security functions handleException, wrapWith, import. Fixed in 3.11.0...

5.8CVSS5.8AI score0.00248EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44000

A flaw was found in vm2 before 3.11.0. Host-side Promises that resolve to host objects deliver values to sandbox .then callbacks without cross-realm conversion ensureThis instead of from/proxy wrapping, allowing sandbox code to interact with host objects directly. Fixed in 3.11.0...

7.2CVSS5.8AI score0.002EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.12 views

CVE-2026-43997

A flaw was found in vm2 before 3.11.0, a Node.js sandbox library. Sandboxed code can obtain the host Object e.g. via HostObject.getOwnPropertySymbols and Symbolnodejs.util.inspect.custom, bypassing isolation and enabling arbitrary code execution on the host...

10CVSS6.7AI score0.00976EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.9 views

CVE-2026-45411

A flaw was found in vm2 before 3.11.3. Host exceptions can be caught from sandbox code using yield inside an async generator; closing the generator with return awaits the value and passes host exceptions back into the sandbox iterator, enabling escape and arbitrary host command execution. Fixed i...

9.8CVSS6AI score0.00568EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44005

A flaw was found in vm2 3.9.6 through 3.10.5. The VM bridge exposes mutable proxies for host intrinsic prototypes and forwards sandbox writes via otherReflectSet/otherReflectDefineProperty, allowing mutation of host Object.prototype, Array.prototype, and Function.prototype from inside the sandbox...

10CVSS6AI score0.00842EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.9 views

CVE-2026-44009

A flaw was found in vm2 before 3.11.2. A sandbox escape vulnerability allows remote attackers to execute arbitrary code on the host system by breaking vm2 isolation. Fixed in 3.11.2...

9.8CVSS6.5AI score0.00812EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44007

A flaw was found in vm2 before 3.11.1. With nesting: true, sandbox code can require'vm2' regardless of outer require settings including require: false, spawn an inner NodeVM with unrestricted require, and execute arbitrary OS commands on the host. Fixed in 3.11.1...

9.9CVSS6.4AI score0.009EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.8 views

CVE-2026-44008

A flaw was found in vm2 before 3.11.2. The neutralizeArraySpeciesBatch method can invoke host-side getters on array prototypes, exposing host objects and the host Function into the sandbox for escape and arbitrary command execution. Fixed in 3.11.2...

9.8CVSS6.2AI score0.00851EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.10 views

CVE-2026-44006

A flaw was found in vm2 before 3.11.0. Sandboxed code can reach BaseHandler.getPrototypeOf to obtain arbitrary prototypes, enabling sandbox escape and arbitrary code execution. Fixed in 3.11.0...

10CVSS6.3AI score0.00815EPSS
Exploits1References4
OSV
OSV
added 2026/06/04 9:5 p.m.8 views

ROOT-APP-NPM-CVE-2026-44003 CVE-2026-44003 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44003 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00248EPSS
Exploits1
Rows per page
Query Builder