Cyber Web Spider Blog – News
Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

Posted on January 28, 2026 by CWS

A critical sandbox escape vulnerability has been identified in vm2, a widely used Node.js library that provides sandbox isolation for running untrusted code.

The flaw, tracked as CVE-2026-22709 (GHSA-99p7-6v5w-7xg8), affects all versions up to and including 3.10.0 and carries a CVSS v3.1 base score of 10.0, the maximum severity.

The vulnerability stems from incomplete callback sanitization in the handling of the Promise prototype.

While the vm2 developers sanitized callbacks for localPromise.prototype.then, the sanitization does not apply to globalPromise.prototype.then.

Because async functions return global Promise objects rather than the sandbox's local ones, an attacker can bypass the sandbox restrictions and gain code execution on the underlying host system.

VM2 Sandbox Vulnerability

The vulnerability exploits an asymmetry in callback sanitization across promise chains.

Researchers found that Promise.prototype.catch callbacks can be manipulated through the error stack.

CVE ID: CVE-2026-22709
Package: vm2 (npm)
Affected Versions: ≤ 3.10.0
CVSS Score: 10.0
Vulnerability Type: Sandbox Escape
Attack Vector: Network

By creating an error object with a symbolic name and triggering an async function, an attacker gains access to the Error constructor, which ultimately permits arbitrary code execution via the Function constructor.

The attack chain uses this progression to instantiate a Function object with an arbitrary payload.

In proof-of-concept demonstrations, attackers executed system commands through execSync() from the child_process module, completely circumventing the sandbox isolation layer.

The vm2 maintainers released version 3.10.2, which patches the flaw.

The update properly sanitizes Promise callbacks across both the local and the global prototype chains, closing the sandbox escape vector.

Organizations using vm2 should upgrade to version 3.10.2 or later immediately.

The package author, Patrik Šimek, published a GitHub advisory two days ago, showing active maintenance and a rapid response to the security issue.

Development teams relying on vm2 for code sandboxing should treat this as a critical priority.

Conduct an immediate inventory across development and production environments to identify affected deployments, including nested copies of vm2 pulled in by other dependencies.

Deploy version 3.10.2 through your package management pipeline without delay, and verify that no production instances remain on vulnerable versions.

Until patching is complete, consider restricting vm2 execution contexts to trusted code only.
