May 7, 2026 · CyberTimes Security Team

Shattering the Sandbox: A Dozen Critical Flaws Hit vm2 Node.js Library


TL;DR — 15 Second Read

  • 12 critical security flaws (CVEs) have been disclosed in the popular vm2 library, with scores ranging from 9.1 to a maximum 10.0.
  • Attackers can bypass the sandbox using various methods—like prototype pollution and null proto exceptions—to execute commands directly on your host system.
  • Version 3.11.2 is the only safe harbor; all previous versions are vulnerable to at least one of these escape chains.
Severity: 🟠 HIGH
CVSS Score: 9.1 to 10.0 across the 12 CVEs
Exploited: No
Fix Status: Patch available
Affected: Node.js developers, DevOps engineers, and security teams using vm2 to isolate user-submitted code or plugins in a sandboxed environment.

The vm2 library is designed to be a digital prison for untrusted JavaScript, providing a "secure" sandbox by proxying objects to prevent them from touching the host. However, that prison just suffered a major security breach. Researchers have identified 12 critical vulnerabilities that allow malicious code to walk right out of the sandbox and gain full control over the underlying server. For anyone relying on vm2 to keep their infrastructure safe from third-party scripts, this is a "drop everything and patch" situation.



How to Fix

Step-by-step remediation

- Identify Vulnerable Versions: Check your package-lock.json or yarn.lock for any version of vm2 below 3.11.2.

- Immediate Update: Run npm install vm2@3.11.2 or the equivalent yarn command to pull the latest security patches.

- Verify the Patch: Ensure that your environment is not pinned to an older Node.js version (like 25.6.1) where specific coercion bugs (CVE-2026-26956) might still be easier to trigger.


What happened

The vulnerabilities exploit the complex way JavaScript handles objects, errors, and prototypes. Because vm2 has to intercept every interaction between the sandbox and the host, attackers have found several logical "cracks" in that wall:

  1. Object Manipulation: By using functions like __lookupGetter__ or the inspect function, attackers can trick the library into leaking references to host-level objects.
  2. Logic Bypasses: Some flaws, like CVE-2026-24120, are actually bypasses for previous patches, showing just how difficult it is to secure the Promise species property and other built-in JS behaviors.
  3. Prototype Pollution: High-severity flaws (like CVE-2026-44005) allow attacker-controlled code to pollute the system's prototypes, eventually leading to a complete host breakout.

Signs You Are Being Targeted:

- High CPU or memory spikes originating from your sandboxed environments that correlate with unusual outbound network requests.

- Presence of unauthorized child_process executions or attempts to access environment variables on the host.

- Logs showing repeated TypeError or SuppressedError exceptions being triggered by sandboxed scripts.

Real-World Impact

A successful sandbox escape is a "game over" scenario. Once an attacker breaks out of vm2, they aren't just limited to the script's memory—they can execute arbitrary operating system commands. This leads to full server takeover, data exfiltration, and the ability to pivot deeper into your internal network or CI/CD pipelines.


🛡️ Prevention Tips

- Defense in Depth: Don't rely solely on a software-level sandbox. Run your Node.js processes inside low-privilege containers or micro-VMs to provide a second layer of hardware-level isolation.

- Strict Allowlisting: Use NodeVM's built-in allowlist to strictly limit which modules can be loaded, though be aware that CVE-2026-43999 specifically targets bypasses in this feature.

- Monitor the Repo: Given the history of vm2, keep a close watch on the project's GitHub for new disclosures, as maintainers have admitted that new bypasses are likely to emerge.


FAQs

Why are there so many vulnerabilities in vm2 lately?

Isolating JavaScript within JavaScript is notoriously difficult. Every time a new feature is added to the Node.js engine, it creates a potential new path for an attacker to "leak" out of the proxy-based sandbox.


Does this affect standard Node.js scripts?

No. This only affects applications that specifically use the vm2 library to run external, untrusted code. Standard applications running your own code are not impacted by these specific CVEs.


Is there a safer alternative to vm2?

While vm2 is excellent for many use cases, for high-security isolation, many developers are moving toward WebAssembly (Wasm) or running code in entirely separate, isolated processes (like using AWS Lambda or isolated Docker containers).

