CVE-2026-24781
Published: 2026-05-04
Priority: P2 · 65 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.16% (63.0th percentile)
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.0.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| patriksimek | vm2 | < 3.11.0 | 3.11.0 |
| rhdh | backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor | — | — |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | < 3.11.0 | 3.11.0 |
| vm2_project | vm2 | >= 0 < 3.11.0 | 3.11.0 |
Detection & IOCs (extracted from sources)
- Sandbox breakout in vm2 is achieved via exploitation of the `inspect` function — monitor for unusual use of the inspect function within vm2-sandboxed Node.js processes
- Any vm2 version prior to 3.11.0 running in Node.js environments should be treated as vulnerable and flagged in software inventory/SCA scans
- Red Hat Developer Hub components are confirmed affected — audit deployments of rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor and rhdh/rhdh-hub-rhel9 for vulnerable vm2 versions
- The vulnerability is fully patched in vm2 version 3.11.0; any deployment still running an older version remains exploitable
CVSS provenance
nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_redhat · 9.8 CRITICAL
GHSA
VM2 Has Sandbox Breakout Through Inspect Function
ghsa · 2026-05-05 · CVE-2026-24781 [CRITICAL] · CWE-693
### Summary
VM2 suffers from a sandbox breakout vulnerability through the `inspect` function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system.
### Details
The Node `inspect` method allows logging details of objects. To get to the details, the implementation unwraps proxies. The unwrapped values can be extracted using the `this.seen` of the `stylize` function. This allows access to the internal proxy handler of VM2, which contains the sandbox object. Since access to the handler is itself wrapped by a VM2 proxy, accessing the sandbox object in the proxy handler results in a wrapped sandbox object being given into the sandbox. This allows to write a wrapped
VulDB
patriksimek vm2 up to 3.10.x inspect code injection (GHSA-v37h-5mfm-c47c / WID-SEC-2026-1349)
vuldb · 2026-05-04 · CVE-2026-24781 [CRITICAL] · CVSS 9.8
A vulnerability was found in patriksimek vm2 up to 3.10.x. It has been rated as critical. Impacted is the function inspect. The manipulation leads to code injection.
This vulnerability is referenced as CVE-2026-24781. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
Red Hat
vm2: Arbitrary code execution via sandbox breakout through inspect function
vendor_redhat · 2026-05-04 · CVE-2026-24781 [CRITICAL] · CWE-653 · CVSS 9.8
A flaw was found in vm2, an open-source virtual machine (VM) sandbox for Node.js. This vulnerability allows an attacker to escape the sandbox environment by exploiting the `inspect` function. Successful exploitation can lead to arbitrary code execution on the host system, compromising the integrity and confidentiality of the system.
Package: rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor (Red Hat Developer Hub) - Affected
Package: rhdh/rhdh-hub-rhel9 (Red Hat Developer Hub) - Affected
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-24781 vm2: Arbitrary code execution via sandbox breakout through inspect function
bugzilla · 2026-05-04 · CVE-2026-24781 [CRITICAL] · CVSS 9.8
Hackernews
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
blogs_hackernews · 2026-05-07 · CVE-2026-24118 [CRITICAL] · CVSS 10.0
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment.
The security flaws are listed below:
CVE-2026-24118 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via "__lookupGette
References
- https://github.com/patriksimek/vm2/commit/8d30d93213c1898b3e035298b89a814970dd1189
- https://github.com/patriksimek/vm2/commit/bdd3d15e57bc4ec5e70365cd79f7cb0256e5f88c
- https://github.com/patriksimek/vm2/commit/fd266d084e0a3322d0f71ba2a8dc4c96cd030228
- https://github.com/patriksimek/vm2/releases/tag/v3.11.0
- https://github.com/patriksimek/vm2/security/advisories/GHSA-v37h-5mfm-c47c
- https://access.redhat.com/errata/RHSA-2026:26234
- https://access.redhat.com/security/cve/CVE-2026-24781
- https://bugzilla.redhat.com/show_bug.cgi?id=2466531
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24781.json
Published: 2026-05-04