CVE-2026-26956
Published 2026-05-04
Priority: P263 · Severity: critical · CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.92% (55.8th percentile)
vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run() obtains host process object and runs host commands with zero host cooperation. This issue has been patched in version 3.10.5.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform | automation-portal | — | — |
| patriksimek | vm2 | — | — |
| rhdh | backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor | — | — |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | < 3.10.5 | 3.10.5 |
| vm2_project | vm2 | >= 3.10.4 < 3.10.5 | 3.10.5 |
Detection & IOCs (extracted from sources)
- Alert on a Symbol-to-string TypeError being triggered within vm2 sandbox contexts; it is the specific primitive used to leak a host-side error object back into the sandbox.
- Monitor for unexpected access to the Node.js `process` object or child_process spawning from within vm2-sandboxed code paths; either indicates a successful sandbox escape and host command execution.
- Flag environments running Node.js 25 (confirmed on 25.6.1) with WebAssembly exception handling and JSTag support enabled alongside vm2 3.10.4 or earlier as highest-risk targets.
- A public PoC exploit demonstrating RCE on the host has been published; monitor threat intel feeds and public repositories for weaponized versions targeting vm2 3.10.4.
- The vulnerability is confirmed only on vm2 3.10.4 under Node.js 25 with WebAssembly exception handling and JSTag support enabled; earlier vm2 versions may also be affected but are not confirmed.
- Red Hat lists rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor and rhdh/rhdh-hub-rhel9 as Affected and ansible-automation-platform/automation-portal as Not Affected; scope detection rules accordingly.
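As an added triage helper (not code from vm2, the advisory, or any source quoted on this page), the script below scans a package-lock.json for every vm2 install, including nested copies, and rates each against the facts this page carries: affected range < 3.10.5, fixed in 3.10.5, escape confirmed on vm2 3.10.4 under Node.js 25. The lockfile embedded in it is constructed for illustration and the function and status names are my own; it does not probe whether WebAssembly exception handling or JSTag is actually enabled in the runtime, so "matches-confirmed-config" means the version pair matches the advisory's confirmed setup, not that exploitation was verified.

```javascript
// Added triage helper for CVE-2026-26956 (not part of vm2 or of any advisory).
// Reads a package-lock.json (lockfileVersion 2/3 "packages" map), finds every
// vm2 install and rates it against the published facts:
//   - fixed in 3.10.5, affected range < 3.10.5
//   - escape confirmed on vm2 3.10.4 under Node.js 25
// The SAMPLE_LOCK below is constructed for illustration.

const FIXED_VM2 = '3.10.5';
const CONFIRMED_VM2 = '3.10.4';
const CONFIRMED_NODE_MAJOR = 25;

// Parse "MAJOR.MINOR.PATCH" (optional leading "v", optional pre-release suffix)
// into numbers. Unparseable input throws so nothing is silently rated "patched".
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Returns -1, 0 or 1 like a comparator, on the numeric triple only.
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// True when the installed vm2 is inside the advisory's affected range (< 3.10.5).
function isAffectedVm2(version) {
  return compareVersions(version, FIXED_VM2) < 0;
}

// One finding per vm2 install. Nested copies under other dependencies count,
// because each is a separate module instance the host process may load.
function assessLockfile(lock, nodeVersion) {
  const nodeMajor = parseVersion(nodeVersion)[0];
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!path.endsWith('node_modules/vm2') || !meta.version) continue;
    let status;
    if (!isAffectedVm2(meta.version)) {
      status = 'patched';
    } else if (compareVersions(meta.version, CONFIRMED_VM2) === 0 &&
               nodeMajor === CONFIRMED_NODE_MAJOR) {
      // Same vm2 version and Node major as the advisory's confirmed setup;
      // the WASM exception-handling/JSTag flags are not checked here.
      status = 'matches-confirmed-config';
    } else {
      status = 'affected-range';
    }
    findings.push({ path, version: meta.version, node: nodeVersion, status });
  }
  return findings;
}

// Constructed sample: a direct vm2 at 3.10.4 and a nested copy already at 3.10.5.
const SAMPLE_LOCK = {
  name: 'sample-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'sample-app', dependencies: { vm2: '^3.10.4' } },
    'node_modules/vm2': { version: '3.10.4' },
    'node_modules/acorn': { version: '8.11.3' },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.10.5' },
  },
};

// Usage: node vm2-triage.js [path/to/package-lock.json]
// Without an argument it rates the constructed sample against the running Node.
if (typeof require !== 'undefined' && require.main === module) {
  const fs = require('fs');
  const lock = process.argv[2]
    ? JSON.parse(fs.readFileSync(process.argv[2], 'utf8'))
    : SAMPLE_LOCK;
  for (const f of assessLockfile(lock, process.version)) {
    console.log(`${f.status.padEnd(24)} vm2@${f.version.padEnd(8)} ${f.path}`);
  }
}
```

Run it against the real lockfile of each service that embeds vm2 (the Red Hat Developer Hub images on this page ship it as a transitive dependency, which is exactly the nested case the scan covers); anything other than "patched" should be upgraded to 3.10.5 regardless of the Node version, since the advisory itself leaves earlier vm2 releases unconfirmed rather than cleared.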
CVSS provenance
- NVD (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Red Hat (vendor): 9.8 CRITICAL
Red Hat
vm2: Node.js: vm2: Arbitrary code execution via sandbox escape
vendor_redhat · 2026-05-04 · CVSS 9.8 · CVE-2026-26956 [CRITICAL] · CWE-653
A flaw was found in vm2, an open-source sandbox for Node.js. An attacker can exploit this vulnerability by running malicious code within the VM.run() function, allowing them to escape the sandbox and gain access to the host process. This can lead to arbitrary code execution on the host system, enabling the attacker to run host commands without any host cooperation.
Package: rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor (Red Hat Developer Hub) - Affected
Package: rhdh/rhdh-hub-rhel9 (Red Hat Developer Hub) - Affected
Package: ansible-automation-platform/automation-portal (Self-service automation portal 2) - Not affected
GHSA
VM2 Has a WASM Sandbox Escape (Node 25 only)
ghsa · 2026-05-05 · CVE-2026-26956 [CRITICAL] · CWE-693
## Summary
Full sandbox escape with arbitrary code execution. Attacker code inside `VM.run()` obtains host process object and runs host commands with zero host cooperation.
## Details
**Confirmed on:** vm2 3.10.4, Node.js v25.6.1 (x64 Linux)
**Trigger:** Attacker-controlled code passed to `VM.run()`
**Requires:** Node.js version with WebAssembly exception handling + JSTag support (tested on v25.6.1)
vm2's sandbox security relies on two JavaScript-level mechanisms: (1) a code transformer that injects `handleException()` into JS `catch` clauses to wrap host-realm errors, and (2) bridge Proxies that wrap cross-context objects. Both operate entirely within JavaScript.
WebAssembly's `try_table` instruction with a `JSTag` catch handler catches J
VulDB
patriksimek vm2 3.10.4 HOST Command VM.run protection mechanism (GHSA-ffh4-j6h5-pg66 / WID-SEC-2026-1349)
vuldb · 2026-05-04 · CVSS 9.8 · CVE-2026-26956 [CRITICAL]
A vulnerability classified as critical was found in patriksimek vm2 3.10.4. The affected element is the function VM.run of the component HOST Command Handler. Such manipulation leads to protection mechanism failure.
This vulnerability is traded as CVE-2026-26956. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-26956 vm2: Node.js: vm2: Arbitrary code execution via sandbox escape
bugzilla · 2026-05-04 · CVSS 9.8 · CVE-2026-26956 [CRITICAL]
Discussion:
Public upstream patch fixing this issue:
https://github.com/patriksimek/vm2/commit/1fbdeff743d48fb1416964777f5947057f6f1295
Hackernews
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
blogs_hackernews · 2026-05-07 · CVSS 10.0 · CVE-2026-24118 [CRITICAL]
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment.
The security flaws are listed below:
CVE-2026-24118 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via "__lookupGette
Bleepingcomputer
Critical vm2 sandbox bug lets attackers execute code on hosts
blogs_bleepingcomputer · 2026-05-06 · CVSS 9.8 · CVE-2026-26956 [CRITICAL]
By Bill Toulas
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system.
The security issue is tracked as CVE-2026-26956 and has been confirmed to impact vm2 version 3.10.4, although earlier releases may also be vulnerable. Proof-of-concept (PoC) exploit code has been published.
In the security advisory, the maintainer says that the issue only impacts environments with Node.js 25 (confirmed on Node.js 25.6.1) that have enabled WebAssembly exception handling and JSTag support.
vm2 is an open-source Node.js library used to run untrusted JavaScript code inside a restricted sandbox environment. It is commonly employed by online coding p
References
- https://github.com/patriksimek/vm2/releases/tag/v3.10.5
- https://github.com/patriksimek/vm2/security/advisories/GHSA-ffh4-j6h5-pg66
- https://access.redhat.com/security/cve/CVE-2026-26956
- https://bugzilla.redhat.com/show_bug.cgi?id=2466548
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26956.json
Published 2026-05-04