A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system.
The security issue is tracked as CVE-2026-26956 and has been confirmed to affect vm2 version 3.10.4, though earlier releases may also be vulnerable. Proof-of-concept (PoC) exploit code has been published.
In the security advisory, the maintainer says that the issue only impacts environments running Node.js 25 (confirmed on Node.js 25.6.1) that have WebAssembly exception handling and JSTag support enabled.
vm2 is an open-source Node.js library used to run untrusted JavaScript code inside a restricted sandbox environment. It is commonly used by online coding platforms, automation tools, and SaaS apps that execute user-supplied scripts.
The library attempts to isolate sandboxed code from the host system and block access to sensitive Node.js APIs such as process and the filesystem.
vm2 is widely used, with more than 1.3 million weekly downloads on npm (Node Package Manager), the default command-line package manager for Node.js.
CVE-2026-26956 stems from the library's incorrect handling of exceptions crossing between the sandboxed environment and the host.
The advisory explains that vm2 normally relies on JavaScript-level protections that safeguard against host-based errors and on bridge Proxies that wrap cross-context objects, both running entirely inside JavaScript.
However, WebAssembly exception handling can intercept JavaScript errors at a lower level inside Google's V8 engine, bypassing vm2's JavaScript-based security defenses.
By triggering a specially crafted TypeError using Symbol-to-string conversion, attackers can cause a host-side error object to leak back into the sandbox without being sanitized by vm2.
Because the leaked object originates from the host environment, attackers can abuse its constructor chain to regain access to Node.js internals like the process object, ultimately allowing arbitrary command execution on the host system.
The maintainer's security advisory also includes a PoC exploit that demonstrates remote code execution on the host machine.
Users of vm2 are advised to upgrade to version 3.10.5 or later (latest is 3.11.2) as soon as possible to mitigate the risk of CVE-2026-26956 exploitation.
At the beginning of the year, vm2 was impacted by another critical sandbox escape flaw that could lead to arbitrary code execution on the underlying host system, tracked as CVE-2026-22709.
Previous sandbox escape flaws impacting the same library include CVE-2023-30547, CVE-2023-29017, and CVE-2022-36067, reflecting the difficulty of securely isolating untrusted code in JavaScript sandbox environments.
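
A defender-side exposure check built from the version and runtime conditions reported above, as an added example that is not code from the vm2 project or its advisory. It assumes an npm package-lock.json with a "packages" map; the sample lockfile and its package names are constructed, and detecting the affected runtime through WebAssembly.Tag and WebAssembly.JSTag is an assumption about how the advisory's conditions appear at runtime.

```javascript
// Added triage example, not from the vm2 advisory. Thresholds are the article's:
// fixed in 3.10.5; affected runtime is Node.js 25 with WebAssembly exceptions + JSTag.
const FIXED = [3, 10, 5];

// True when a version string sorts below 3.10.5. Unparseable input returns true
// so that it is flagged for manual review rather than silently passed.
function isBelowFixed(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(version));
  if (!m) return true;
  const parts = m.slice(1).map(Number);
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== FIXED[i]) return parts[i] < FIXED[i];
  }
  return false;
}

// Lists every vm2 copy in a parsed package-lock.json (lockfileVersion 2 or 3),
// including copies nested under other dependencies.
function findVm2(lock) {
  return Object.entries(lock.packages || {})
    .filter(([path]) => /(^|\/)node_modules\/vm2$/.test(path))
    .map(([path, meta]) => ({
      path,
      version: meta.version,
      belowFixed: isBelowFixed(meta.version),
    }));
}

// Feature-detects the runtime conditions named in the advisory (assumed mapping).
function runtimeMatchesAdvisory(nodeVersion = process.versions.node,
                                wasm = globalThis.WebAssembly) {
  const major = Number(String(nodeVersion).split(".")[0]);
  const wasmExceptions = !!wasm && typeof wasm.Tag === "function";
  const jsTag = !!wasm && "JSTag" in wasm;
  return { major, wasmExceptions, jsTag, matches: major === 25 && wasmExceptions && jsTag };
}

// Constructed sample lockfile; "script-runner" and "vm2-helper" are made-up names.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/vm2": { version: "3.11.2" },
    "node_modules/script-runner/node_modules/vm2": { version: "3.10.4" },
    "node_modules/vm2-helper": { version: "1.0.0" },
  },
};

console.log(findVm2(SAMPLE_LOCK), runtimeMatchesAdvisory());
```

Run it with the same Node.js binary that hosts the sandbox, since the runtime check reflects the interpreter executing the script.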




