CVE-2026-44006 | patriksimek vm2 up to 3.10.x BaseHandler.getPrototypeOf code injection (GHSA-qcp4-v2jj-fjx8)

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability identified as critical has been detected in patriksimek vm2 up to 3.10.x. This affects the function BaseHandler.getPrototypeOf. This manipulation causes code injection.

This vulnerability appears as CVE-2026-44006. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-44006 | patriksimek vm2 up to 3.10.x BaseHandler.getPrototypeOf code injection (GHSA-qcp4-v2jj-fjx8)

Post correlati

CVE-2026-7230 | SourceCodester Safety Anger Pad 1.0 angerDisplay cross site scripting

CVE-2021-47946 | OpenCart 3.0.3.6 Account Information /account/edit cross-site request forgery (Exploit 49407 / EDB-49407)

CVE-2024-1182 | Mitsubishi Electric ICONICS/AlarmWorX Multimedia/MobileHMI AlarmWorX64 MMX Page Agent uncontrolled search path (icsa-24-184-03)

CVE-2024-52050 | Trend Micro Apex One/Apex One as a Service LogServer link following