Vulnerabilidades em patriksimek
37 resultadosCVE-2026-26332CRITICALvm2: Sandbox EscapeEPSS 0.6%CVE-2026-44005CRITICALvm2: Sandbox escapeEPSS 0.6%CVE-2026-47140CRITICALvm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code executionEPSS 0.5%CVE-2026-47208CRITICALvm2: Sandbox Breakout Using Promise SpeciesEPSS 0.5%CVE-2026-47210CRITICALvm2 sandbox escape via JSPI-backed Promise `.finally()` species bypassEPSS 0.5%CVE-2026-45411CRITICALvm2: Sandbox Breakout Using Async GeneratorEPSS 0.5%CVE-2026-47131CRITICALvm2: Sandbox EscapeEPSS 0.4%CVE-2026-47137CRITICALvm2: GHSA-8hg8-63c5-gwmx patch bypass: nesting:true without explicit require still allows full RCEEPSS 0.4%CVE-2026-44001HIGHvm2: Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)EPSS 0.3%CVE-2026-44004HIGHvm2: Host Process OOM DoS via Buffer.alloc (Timeout Bypass)EPSS 0.3%CVE-2026-47141MEDIUMvm2: NodeVM observability builtins leak host process and HTTP request dataEPSS 0.3%CVE-2026-47209HIGHvm2: Bridge Proxy set trap ignores receiver parameter, enabling host object property injection via prototype chainEPSS 0.3%CVE-2026-47139HIGHvm2: NodeVM network builtin exclusions bypass via internal _http_client and _http_serverEPSS 0.3%CVE-2026-47135HIGHvm2: Sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checksEPSS 0.3%CVE-2026-44003MEDIUMvm2: Transformer Fast-Path Bypass Exposes Internal State VariableEPSS 0.2%CVE-2026-44002MEDIUMvm2: Host File Path Disclosure via Stack Trace Information LeakEPSS 0.2%CVE-2026-44000MEDIUMvm2: sandbox boundary bypass via host Promise resolution preserving host object identityEPSS 0.2%