Cyber Resilience

CVE-2026-34156

Critical · Public PoC

Published: 31 March 2026
Modified: 07 April 2026
KEV Added: not listed
Patch: fixed in v2.0.28
CVSS v3.1 score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS score: 0.3650 (98.3rd percentile)
Risk priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-34156 is a critical-severity Improper Control of Dynamically-Managed Code Resources (CWE-913) vulnerability in Nocobase Nocobase. Its CVSS base score is 9.9 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 1.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

This vulnerability is classified as AI-related (AI category: Other Platforms; risk domain: Supply Chain and Deployment).

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-39 (Process Isolation).

Deeper analysis

NocoBase is an AI-powered no-code/low-code platform for building business applications. Prior to version 2.0.28, its Workflow Script Node feature executes user-supplied JavaScript inside a Node.js vm sandbox that restricts module loading via a custom allowlist governed by the WORKFLOW_SCRIPT_MODULES environment variable. The sandbox context nevertheless injects the host-realm console object, which exposes WritableWorkerStdio streams through the non-enumerable properties console._stdout and console._stderr, enabling prototype-chain traversal that breaks out of the vm isolation.

An authenticated attacker with access to the Workflow Script Node can leverage this escape to obtain arbitrary code execution on the host as root. The vulnerability carries a CVSS 3.1 score of 9.9 and is tracked under CWE-913.

The official NocoBase security advisory GHSA-px3p-vgh9-m57c, the corresponding pull request, and the v2.0.28 release notes all state that the issue is resolved by upgrading to version 2.0.28, which removes the host-realm stream references from the sandbox context.

EPSS for the CVE currently stands at 0.3241 with a recorded peak of 0.3347; no public evidence of in-the-wild exploitation has been reported.

Vulnerability details

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.28, NocoBase's Workflow Script Node executes user-supplied JavaScript inside a Node.js vm sandbox with a custom require allowlist (controlled by the WORKFLOW_SCRIPT_MODULES env var). However, the console object passed into the sandbox context exposes host-realm WritableWorkerStdio stream objects via console._stdout and console._stderr. An authenticated attacker can traverse the prototype chain to escape the sandbox and achieve Remote Code Execution as root. This issue has been patched in version 2.0.28.

CWE(s)

CWE-913 Improper Control of Dynamically-Managed Code Resources
AI Security Analysis

AI Category: Other Platforms
Risk Domain: Supply Chain and Deployment
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: ai

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.007 JavaScript (Execution)
Adversaries may abuse various implementations of JavaScript for execution.
T1068 Exploitation for Privilege Escalation (Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Enables exploitation of a public-facing no-code platform (T1190) through attacker-supplied JavaScript (T1059.007) that escapes the sandbox and escalates privileges to root RCE (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-41640 (same product: Nocobase Nocobase)
CVE-2026-41641 (same product: Nocobase Nocobase)
CVE-2026-25049 (shared CWE-913)
CVE-2025-25270 (shared CWE-913)
CVE-2022-31764 (shared CWE-913)
CVE-2026-23830 (shared CWE-913)
CVE-2025-13659 (shared CWE-913)
CVE-2025-68613 (shared CWE-913)
CVE-2025-69219 (shared CWE-913)
CVE-2026-33286 (shared CWE-913)

Affected Assets

Vendor: nocobase
Product: nocobase
Versions: ≤ 2.0.28

Mitigating Controls (NIST 800-53 r5)

Prevent: SC-39 Process Isolation. Directly enforces process isolation between the Node.js vm sandbox and the host realm, blocking the prototype-chain escape via console._stdout/_stderr.

Prevent: AC-3 Access Enforcement. Enforces access-control policy on objects passed into the sandbox context, preventing the authenticated user from reaching host WritableWorkerStdio streams.

Prevent: least-privilege control (identifier not shown on this page). Limits the privileges of the Workflow Script Node process so that even a successful sandbox escape yields non-root execution rather than root RCE.

References

NocoBase security advisory GHSA-px3p-vgh9-m57c
The corresponding NocoBase pull request
NocoBase v2.0.28 release notes