CVE-2026-6224— nocobase plugin-workflow-javascript Vm.js createSafeConsole sandbox
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-6224
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
nocobase plugin-workflow-javascript Vm.js createSafeConsole sandbox
Source: NVD (National Vulnerability Database)
Vulnerability Description
A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing a manipulation results in sandbox issue. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
权限/沙箱问题
Source: NVD (National Vulnerability Database)
Vulnerability Title
Nocobase 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Nocobase是NocoBase开源的一个低代码平台。 Nocobase 2.0.23及之前版本存在安全漏洞,该漏洞源于对文件packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js的函数createSafeConsole操作不当,可能导致沙盒问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| nocobase | plugin-workflow-javascript | 2.0.0 | - |
II. Public POCs for CVE-2026-6224
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-6224
请登录查看更多情报信息。
- CVE-2026-6224 nocobase plugin-workflow-javascript Vm.js createSafeConsole sandboxvdb-entrytechnical-description
- https://nvd.nist.gov/vuln/detail/CVE-2026-6224
IV. Related Vulnerabilities
Same vendor: nocobase
- CVE-2026-41641
NocoBase Vulnerable to SQL Validation Bypass via `sqlCollect - CVE-2026-41640
NocoBase Vulnerable to SQL Injection via String Concatenatio - CVE-2026-40346
NocoBase has SSRF in Workflow HTTP Request and Custom Reques - CVE-2026-34825
NocoBase Has SQL Injection via template variable substitutio - CVE-2026-34156
NocoBase Affected by Sandbox Escape to RCE via console._stdo
Same weakness: CWE-265
- CVE-2026-6878
ByteDance verl grader.py math_equal sandbox - CVE-2026-6117
AstrBotDevs AstrBot install-upload Endpoint plugin.py instal - CVE-2025-5874
Redash getattr python.py run_query sandbox - CVE-2025-5321
aimhubio aim run_view Object query.py RestrictedPythonQuery - CVE-2024-2007
OpenBMB XAgent Privileged Mode sandbox
V. Comments for CVE-2026-6224
No comments yet