CVE-2026-34156 Overview
CVE-2026-34156 is a sandbox escape vulnerability in NocoBase, an AI-powered no-code/low-code platform for building business applications. The flaw resides in the Workflow Script Node, which executes user-supplied JavaScript inside a Node.js vm sandbox with a custom require allowlist controlled by the WORKFLOW_SCRIPT_MODULES environment variable. The console object passed into the sandbox exposes host-realm WritableWorkerStdio stream objects through console._stdout and console._stderr. An authenticated attacker can traverse the prototype chain to escape the sandbox and execute arbitrary code as root. The issue affects all versions prior to 2.0.28 and is classified under CWE-913: Improper Control of Dynamically-Managed Code Resources.
Critical Impact
Authenticated attackers can achieve Remote Code Execution as root on the NocoBase host, leading to full system compromise.
Affected Products
- NocoBase versions prior to 2.0.28
- Self-hosted NocoBase deployments using the Workflow Script Node feature
- All platforms running the affected NocoBase versions
Discovery Timeline
- 2026-03-31 - CVE-2026-34156 published to NVD
- 2026-04-07 - Last updated in NVD database
Technical Details for CVE-2026-34156
Vulnerability Analysis
The vulnerability stems from incomplete isolation between the Node.js vm sandbox and the host realm. NocoBase's Workflow Script Node lets authenticated users define JavaScript that runs server-side. To restrict capabilities, NocoBase relies on a custom require allowlist defined through the WORKFLOW_SCRIPT_MODULES environment variable.
The console object injected into the sandbox context exposes internal stream references through console._stdout and console._stderr. These references point to WritableWorkerStdio instances allocated in the host realm. By walking the prototype chain of these stream objects, an attacker reaches constructors and functions defined outside the sandbox. Invoking these host-realm functions returns objects bound to the privileged outer context.
Once a reference to a host-realm Function constructor is obtained, the attacker can compile and execute arbitrary JavaScript with the privileges of the NocoBase process, which typically runs as root.
Root Cause
The Node.js vm module does not provide a true security boundary. NocoBase compounded this by exposing host-realm objects through console._stdout and console._stderr inside the sandbox context. This breaks the assumption that only sandbox-realm primitives are reachable from guest code (CWE-913).
Attack Vector
Exploitation requires an authenticated NocoBase account with permissions to create or edit Workflow Script Nodes. The attacker submits JavaScript that accesses console._stdout, traverses its prototype chain to reach a host-realm function, and uses that function to evaluate attacker-controlled code. The network attack vector and low attack complexity allow reliable exploitation against any reachable NocoBase instance. The EPSS percentile of 96.83 indicates a high likelihood of exploitation activity relative to other CVEs.
The vulnerability mechanism is documented in the NocoBase GitHub Security Advisory GHSA-px3p-vgh9-m57c and the patch pull request #8967. No verified public exploit code is referenced in the advisory.
Detection Methods for CVE-2026-34156
Indicators of Compromise
- Workflow Script Node definitions that reference console._stdout, console._stderr, constructor, or __proto__ traversal patterns.
- Unexpected child processes spawned by the NocoBase Node.js process, such as sh, bash, curl, or wget.
- Outbound network connections from the NocoBase host to unfamiliar IP addresses or domains shortly after workflow execution.
- New or modified workflow definitions created by accounts that do not normally author workflows.
Detection Strategies
- Audit NocoBase workflow definitions for JavaScript that accesses internal console properties or performs prototype chain walks.
- Monitor process trees on NocoBase hosts for non-Node.js children of the main application process.
- Alert on authenticated API calls to workflow creation and update endpoints from non-administrative users.
- Review NocoBase application logs for script execution errors that may indicate exploitation attempts.
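As an added example (not a NocoBase tool), the following Node.js script implements the first detection strategy above: it scans workflow script sources for the patterns listed under Indicators of Compromise and reports each match with its line, column and the authoring account, so that hits from accounts that do not normally author workflows stand out. The workflow records it scans are constructed for the example; a deployment would feed it exported workflow definitions instead, and the indicator set and field names are this example's own.

```javascript
'use strict';
// Added example (not NocoBase's code): a static scan of Workflow Script Node sources for
// the indicator patterns described in the advisory. Sample workflows below are constructed.

// Each indicator pairs a pattern with the reason it matters for this CVE.
const INDICATORS = [
  { id: 'console-internal-stream', severity: 'high',
    re: /\bconsole\s*\.\s*_std(?:out|err)\b/g,
    why: 'touches the host-realm stdio stream the console object exposes' },
  { id: 'proto-walk', severity: 'medium',
    re: /\b__proto__\b|\bObject\s*\.\s*getPrototypeOf\s*\(/g,
    why: 'walks a prototype chain, the step from a host object to host constructors' },
  { id: 'constructor-access', severity: 'medium',
    re: /\.\s*constructor\b|\[\s*["'`]constructor["'`]\s*\]/g,
    why: 'reaches a constructor; the bracket form evades simple dot-pattern greps' },
];

// Scan one script body. Nodes without a script (null, undefined, empty) yield no findings.
function scanWorkflowScript(source) {
  const findings = [];
  if (typeof source !== 'string' || source.length === 0) return findings;
  source.split(/\r?\n/).forEach((text, i) => {
    for (const ind of INDICATORS) {
      for (const m of text.matchAll(ind.re)) {
        findings.push({
          line: i + 1, column: m.index + 1, indicator: ind.id,
          severity: ind.severity, match: m[0], why: ind.why,
        });
      }
    }
  });
  return findings;
}

// Scan every workflow and keep only those with findings, carrying the author along.
function scanWorkflows(workflows) {
  return workflows
    .map((w) => ({ workflow: w.id, createdBy: w.createdBy, findings: scanWorkflowScript(w.script) }))
    .filter((r) => r.findings.length > 0);
}

// Constructed sample: one ordinary script, one that reaches for console._stdout, one empty node.
const SAMPLE_WORKFLOWS = [
  { id: 'wf-order-total', createdBy: 'ops-admin',
    script: 'const total = ctx.items.reduce((s, i) => s + i.amount, 0);\nconsole.log("total", total);\nreturn { total };' },
  { id: 'wf-report-export', createdBy: 'sales-intern',
    script: 'const s = console._stdout;\nconst p = s.__proto__;\nconsole.log(typeof p);' },
  { id: 'wf-no-script', createdBy: 'ops-admin', script: null },
];

if (typeof require !== 'undefined' && require.main === module) {
  for (const hit of scanWorkflows(SAMPLE_WORKFLOWS)) {
    for (const f of hit.findings) {
      console.log(`${hit.workflow} (by ${hit.createdBy}) line ${f.line}:${f.column} [${f.severity}] ${f.indicator}: ${f.match}`);
    }
  }
}
```

On the sample set only wf-report-export is reported, with a high-severity hit on line 1 and a medium one on line 2. The constructor-access indicator will also match legitimate uses such as x.constructor.name, so it is marked medium and is meant to prompt review of the script rather than to be treated as proof of exploitation on its own.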
Monitoring Recommendations
- Forward NocoBase application and host logs to a centralized SIEM for correlation with process and network telemetry.
- Enable behavioral monitoring on the underlying host to flag unexpected file writes, credential access, or privilege use by the Node.js runtime.
- Track changes to the WORKFLOW_SCRIPT_MODULES environment variable and to workflow script artifacts in version control or backups.
How to Mitigate CVE-2026-34156
Immediate Actions Required
- Upgrade NocoBase to version 2.0.28 or later without delay (GitHub Release v2.0.28).
- Restrict Workflow Script Node creation and editing permissions to a minimal set of trusted administrators.
- Audit existing workflows for malicious scripts introduced before patching and remove any unauthorized definitions.
- Rotate credentials, API keys, and secrets accessible from the NocoBase host if compromise is suspected.
Patch Information
NocoBase resolved the vulnerability in version 2.0.28. The fix is implemented in pull request #8967 and described in the GHSA-px3p-vgh9-m57c advisory. Administrators of self-hosted deployments should apply the upgrade immediately.
Workarounds
- Disable the Workflow Script Node feature until the upgrade to 2.0.28 is complete.
- Run the NocoBase service under a non-root, least-privilege user account to reduce the impact of any successful sandbox escape.
- Place NocoBase behind network controls that limit authenticated access to known administrator sources.
# Configuration example: upgrade NocoBase to the patched release
docker pull nocobase/nocobase:2.0.28
docker stop nocobase && docker rm nocobase
# --user node runs the service as a non-root account (see Workarounds);
# an empty WORKFLOW_SCRIPT_MODULES leaves the script-node require allowlist empty.
# Reuse the existing container's volume and database settings on this command.
docker run -d --name nocobase \
  --user node \
  -e WORKFLOW_SCRIPT_MODULES="" \
  -p 13000:80 \
  nocobase/nocobase:2.0.28
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.