CVE-2026-44008 | patriksimek vm2 up to 3.11.1 neutralizeArraySpeciesBatch exposure of resource (GHSA-9qj6-qjgg-37qq)

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability labeled as critical has been found in patriksimek vm2 up to 3.11.1. This vulnerability affects the function neutralizeArraySpeciesBatch. Such manipulation leads to exposure of resource.

This vulnerability is traded as CVE-2026-44008. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-44008 | patriksimek vm2 up to 3.11.1 neutralizeArraySpeciesBatch exposure of resource (GHSA-9qj6-qjgg-37qq)

Post correlati

CVE-2023-49107 | Hitachi Device Manager prior 8.8.5-04 on Windows/Linux Agent Module information exposure (sec-2024-101)

CVE-2024-21743 | favethemes Houzez Login Register Plugin up to 3.2.5 on WordPress privileges assignment

CVE-2024-43791 | steveklabnik request_store 1.3.2 default permission (GHSA-frp2-5qfc-7r8m)

CVE-2024-13387 | WP Responsive Tabs Plugin up to 1.2.9 on WordPress cross site scripting