CVE-2026-22709
published 2026-01-26


Priority: P265 (critical)
CVSS 3.1: 10.0 critical (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
EPSS: 1.22% (64.9th percentile)
vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, the `Promise.prototype.then` and `Promise.prototype.catch` callback sanitization can be bypassed. This allows attackers to escape the sandbox and run arbitrary code. In lib/setup-sandbox.js, the callback function of `localPromise.prototype.then` is sanitized, but `globalPromise.prototype.then` is not. The return value of an async function is a `globalPromise` object. Version 3.10.2 fixes the issue.

Affected

7 ranges

Vendor                        Product             Version range     Fixed in
ansible-automation-platform   automation-portal   (under investigation)
patriksimek                   vm2                 < 3.11.0          3.11.0
rhdh                          rhdh-hub-rhel9      (under investigation)
vm2_project                   vm2                 < 3.11.0          3.11.0
vm2_project                   vm2                 < 3.10.2          3.10.2
vm2_project                   vm2                 >= 0 < 3.10.2     3.10.2
vm2_project                   vm2                 >= 0 < 3.11.0     3.11.0

Detection & IOCs (extracted from sources)

  • The exploit path involves a Promise constructor triggering an unhandled rejection that propagates to the host process — monitor for unhandled rejection events originating from vm2 sandbox contexts
  • The executor-to-unhandledRejection path was NOT patched in v3.10.2; only .then()/.catch() onRejected callbacks were sanitized — detection logic should cover the Promise executor path as well
  • Vulnerable vm2 versions are 3.10.0 through 3.10.5 (prior to 3.11.0); flag use of these specific npm package versions in software inventories and CI/CD pipelines
  • CVE-2026-22709 is described as trivial to exploit; prioritize detection of vm2 sandbox usage in internet-facing SaaS platforms, online code runners, and chatbots where untrusted code execution is permitted
  • The partial fix in vm2 v3.10.1 and the tightened fix in v3.10.2 only addressed .then()/.catch() callback sanitization; the executor-to-unhandledRejection path remained unpatched until v3.11.0 — detection rules targeting only .then()/.catch() bypass patterns will miss this vector
  • Red Hat packages rhdh/rhdh-hub-rhel9 (Red Hat Developer Hub) and ansible-automation-platform/automation-portal (Self-service automation portal 2) were listed as under investigation for this CVE at time of publication

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      10.0    CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
ghsa                      10.0    CRITICAL
vendor_redhat             10.0    CRITICAL