CVE-2026-6224
Description
A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Manipulation results in a sandbox issue (a sandbox escape). The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A sandbox escape in nocobase plugin-workflow-javascript up to 2.0.23 allows remote attackers to break out of the VM isolation and reach the host process through the prototype chain of the bound console methods exposed to the sandbox.
Vulnerability
The plugin-workflow-javascript package in nocobase up to version 2.0.23 contains a sandbox escape vulnerability in the createSafeConsole function within Vm.js. The implementation attempts to block access to the host Function constructor by setting constructor to null on bound console methods (e.g., console.log). That assignment only creates an own property on the bound function object; it does not change what the object inherits. A bound function's prototype is still the host realm's Function.prototype, whose constructor is the host Function. An attacker therefore recovers the host Function via Object.getPrototypeOf(console.log).constructor and can compile and run arbitrary code in the host context [1].
Exploitation
The attack is carried out remotely by submitting a workflow that contains a JavaScript node; the script runs server-side inside the plugin's VM. The practical precondition is the ability to create or edit such a workflow through the NocoBase UI, which in a standard deployment means an account with workflow-editing rights rather than network access alone, so the vulnerability should be treated as reachable by any such user, not only by administrators. A malicious workflow script that evaluates Object.getPrototypeOf(console.log).constructor('return process')() escapes the sandbox and obtains the host process object. The exploit has been publicly released and is reproducible on the official nocobase/nocobase:2.0.23-full Docker image [1].
Impact
Successful exploitation allows an attacker to execute arbitrary code in the host Node.js process, bypassing the intended VM isolation. From there the attacker has whatever the NocoBase service account has: database credentials and data, environment variables and secrets, and a foothold for lateral movement and further attacks on the underlying infrastructure. The vulnerability is rated High with a CVSS v3 score of 7.3.
Mitigation
The vendor was contacted but did not respond. As of the publication date, no patch is available. Until a fix is released, users should disable the workflow-javascript plugin where it is not needed, restrict workflow-editing permissions to trusted accounts, and limit network exposure of the NocoBase instance. Because the exploit code is public, workflow definitions should be reviewed for JavaScript nodes that reference Object.getPrototypeOf, constructor, or process. The vulnerability is not yet listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0 (no patches discovered yet)
References: 4
News mentions: 0 (no linked articles in our index yet)