Known Vulnerabilities for products from Vm2 Project
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Vm2 Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49368 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-49299 json | Not Provided | 2026-05-28 | 2026-05-29 | |
| CVE-2026-48245 json | Not Provided | 2026-05-21 | 2026-05-21 | |
| CVE-2026-48244 json | Not Provided | 2026-05-21 | 2026-05-21 | |
| CVE-2026-48065 json | Not Provided | 2026-05-27 | 2026-05-28 | |
| CVE-2026-47728 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47716 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47715 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47179 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-47125 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-45411 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield* expr... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44009 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, This vulnerability is fixed in 3.11.2. | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44008 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, the new method neutralizeArraySpeciesBatch works with objects ... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44007 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can ... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44006 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, It is possible to reach BaseHandler.getPrototypeOf, which can ... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44005 json | vm2 is an open source vm/sandbox for Node.js. From 3.9.6 to 3.10.5, vm2's bridge exposes mutable proxies for real host-realm ... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44004 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, sandboxed code can call Buffer.alloc() with an arbitrary size ... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44003 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's code transformer has a performance optimization that ski... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44002 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class (intended as a safe wrapper for V... | Not Provided | 2026-05-13 | 2026-05-14 |
| CVE-2026-44001 json | vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandb... | Not Provided | 2026-05-13 | 2026-05-18 |