vm2 project

Top products

The 15 most recently published vulnerabilities affecting vm2 project.

• CVE-2026-44005vm2: Sandbox escape10.0May 13, 2026
• CVE-2026-45411vm2: Sandbox Breakout Using Async Generator9.8May 13, 2026
• CVE-2026-44009vm2: Sandbox Breakout Through Null Proto Exception9.8May 13, 2026
• CVE-2026-44008vm2: Snabox breakout via `neutralizeArraySpeciesBatch`9.8May 13, 2026
• CVE-2026-44007vm2: nesting: true bypasses require: false, allowing sandbox escape to arbitrary OS command execution9.1May 13, 2026
• CVE-2026-44006vm2: Sandbox Escape10.0May 13, 2026
• CVE-2026-44004vm2: Host Process OOM DoS via Buffer.alloc (Timeout Bypass)7.5May 13, 2026
• CVE-2026-44003vm2: Transformer Fast-Path Bypass Exposes Internal State Variable5.3May 13, 2026
• CVE-2026-44002vm2: Host File Path Disclosure via Stack Trace Information Leak5.8May 13, 2026
• CVE-2026-44001vm2: Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)8.6May 13, 2026
• CVE-2026-44000vm2: sandbox boundary bypass via host Promise resolution preserving host object identity6.5May 13, 2026
• CVE-2026-43999vm2: NodeVM builtin allowlist bypass via `module` builtin's `Module._load` allows sandbox escape9.9May 13, 2026
• CVE-2026-43998vm2: NodeVM require.root bypass via symlink traversal allows sandbox escape8.5May 13, 2026
• CVE-2026-43997vm2: Sandbox Escape10.0May 13, 2026
• CVE-2026-26956vm2: WASM Sandbox Escape (Node 25 only)9.8May 4, 2026