CVE-2026-44006 | patriksimek vm2 up to 3.10.x BaseHandler.getPrototypeOf code injection (GHSA-qcp4-v2jj-fjx8)

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability identified as critical has been detected in patriksimek vm2 up to 3.10.x. This affects the function BaseHandler.getPrototypeOf. This manipulation causes code injection.

This vulnerability appears as CVE-2026-44006. The attack may be initiated remotely. There is no available exploit.

You should upgrade the affected component.

CVE-2026-44006 | patriksimek vm2 up to 3.10.x BaseHandler.getPrototypeOf code injection (GHSA-qcp4-v2jj-fjx8)

Post correlati

CVE-2025-61622 | Apache Fory up to 0.12.2 Python pickle.loads deserialization

CVE-2026-34219 | libp2p-gossipsub prior 0.49.4 denial of service

CVE-2024-54260 | BlazeThemes News Kit Elementor Addons Plugin up to 1.2.2 on WordPress cross site scripting

CVE-2025-7136 | Campcodes Online Recruitment Management System 1.0 /admin/view_vacancy.php ID sql injection