Critical vm2 sandbox bug lets attackers execute code on hosts
Source: Bleeping Computer

Overview
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The issue is tracked as CVE‑2026‑26956 and has been confirmed to impact vm2 version 3.10.4 (earlier releases may also be vulnerable). A proof‑of‑concept (PoC) exploit has been published.
Affected Environments
The maintainer notes that the flaw only affects environments running Node.js 25 (confirmed on Node.js 25.6.1) with WebAssembly exception handling and JSTag support enabled.
How vm2 Works
vm2 is an open‑source Node.js library used to run untrusted JavaScript code inside a restricted sandbox. It is commonly employed by online coding platforms, automation tools, and SaaS applications that execute user‑supplied scripts. The library attempts to isolate sandboxed code from the host system and block access to sensitive Node.js APIs such as process and the filesystem.
Vulnerability Details
- Root cause: Erroneous handling of exceptions that cross between the sandboxed environment and the host.
- Mechanism: WebAssembly exception handling can intercept JavaScript errors at a lower level inside Google’s V8 engine, bypassing vm2’s JavaScript‑based security defenses.
- Exploit: By triggering a specially crafted TypeError using Symbol‑to‑string conversion, an attacker can cause a host‑side error object to leak back into the sandbox without sanitization. The leaked object retains its constructor chain, enabling access to Node.js internals (e.g., the process object) and ultimately allowing arbitrary command execution on the host.
The advisory includes a PoC exploit that demonstrates remote code execution on the host machine.
Mitigation
Users of vm2 should upgrade to version 3.10.5 or later (the latest release is 3.11.2) as soon as possible to mitigate CVE‑2026‑26956.
- Upgrade link: v3.10.5 release
- Latest version: v3.11.2 release
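To find every installed copy of vm2 that is older than the fixed release, including copies pulled in by other dependencies, the lockfile can be audited. The script below is an added example, not code from the article or the vm2 project; the sample lockfile is constructed, and testing for "JSTag" on the WebAssembly object is an assumption about how that support is exposed.

```javascript
// Version floor and the Node.js 25 condition are taken from the article text.
const FIXED = [3, 10, 5]; // first release the article lists as patched

function parseVersion(text) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(text);
  return m ? m.slice(1).map(Number) : null;
}

function isBelow(version, floor) {
  for (let i = 0; i < 3; i++) {
    if (version[i] !== floor[i]) return version[i] < floor[i];
  }
  return false; // equal to the floor
}

// npm lockfile v2/v3 lists every installed copy, nested ones included,
// under "packages", keyed by install path.
function findVm2(lock) {
  const copies = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/vm2$/.test(path)) continue;
    const parsed = parseVersion(meta.version || '');
    // An unparseable version is flagged for review rather than treated as safe.
    copies.push({ path, version: meta.version, needsUpgrade: !parsed || isBelow(parsed, FIXED) });
  }
  return copies;
}

// Runtime condition from the article: Node.js 25 with JSTag support.
// The "JSTag" feature test is an assumption (see lead-in).
function runtimeInScope(nodeVersion, wasm) {
  return Number(nodeVersion.split('.')[0]) === 25 && wasm != null && 'JSTag' in wasm;
}

function audit(lock, nodeVersion = process.versions.node, wasm = globalThis.WebAssembly) {
  const inScope = runtimeInScope(nodeVersion, wasm);
  return findVm2(lock).map((c) => ({ ...c, matchesAdvisory: c.needsUpgrade && inScope }));
}

// Constructed sample lockfile: one direct and one nested vm2 copy.
const sampleLock = {
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/vm2': { version: '3.11.2' },
    'node_modules/script-runner/node_modules/vm2': { version: '3.10.4' },
  },
};

console.log(audit(sampleLock));
```

A copy with needsUpgrade set should be upgraded in any case; matchesAdvisory only indicates that the current runtime also meets the conditions the maintainer describes, which helps with prioritization.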
Historical Context
vm2 has been the target of several critical sandbox escape flaws:
- CVE‑2026‑22709 – another critical sandbox escape discovered earlier this year.
- CVE‑2023‑30547 – sandbox escape PoC exploit (2023).
- CVE‑2023‑29017 – critical bug in vm2 JavaScript sandbox library (2023).
- CVE‑2022‑36067 – earlier vulnerability allowing code execution outside the sandbox (2022).
These recurring issues highlight the challenges of securely isolating untrusted code in JavaScript sandbox environments.