CVE-2026-43999
Published 2026-05-13
Priority P2 · 70 · critical · CVSS 3.1: 9.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.97% (57.6th percentile)
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, NodeVM's builtin allowlist can be bypassed when the module builtin is allowed (including via the '*' wildcard). The module builtin exposes Node's Module._load(), which loads any module by name directly in the host context, completely bypassing vm2's builtin restriction. This allows sandboxed code to load excluded builtins like child_process and achieve remote code execution. This vulnerability is fixed in 3.11.0.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform | automation-portal | — | — |
| patriksimek | vm2 | < 3.11.0 | 3.11.0 |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | < 3.11.0 | 3.11.0 |
| vm2_project | vm2 | >= 3.10.5 < 3.11.0 | 3.11.0 |
Detection & IOCs (extracted from sources)
- Sandboxed code calling Module._load() in the host context via the 'module' builtin should be flagged as exploitation of the vm2 builtin allowlist bypass.
- Monitor for vm2 NodeVM configurations that allow the 'module' builtin or use the '*' wildcard in the require allowlist; these are the preconditions for exploitation.
- Alert on sandboxed code that loads 'child_process' or other excluded builtins; this is the post-exploitation indicator of the bypass being used for RCE.
- Flag vm2 versions prior to 3.11.0 in Node.js environments as vulnerable; inventory and prioritize the upgrade.
- Any vm2 NodeVM configuration that permits the 'module' builtin, explicitly or via the '*' wildcard, is exploitable; this is the root configuration flaw enabling the bypass.
- Do not use the wildcard '*' in NodeVM require/builtin configuration, as it implicitly allows 'module' and exposes Module._load() to sandboxed code.
- Red Hat Developer Hub (rhdh/rhdh-hub-rhel9) and Self-service automation portal 2 (ansible-automation-platform/automation-portal) are under investigation for impact from this CVE.
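As an added example (not vm2's own code and not part of any advisory quoted on this page), the following audit helper checks the two preconditions listed above: a NodeVM `require.builtin` list that makes the `module` builtin reachable, either by naming it or through the `'*'` wildcard, and an installed vm2 version below 3.11.0. It assumes vm2's documented allowlist convention that `'*'` admits every builtin and a `'-name'` entry excludes one; the function names, the sample configurations and the finding strings are constructed for this illustration.

```javascript
// Added example (not vm2 project code): audit NodeVM options for the
// CVE-2026-43999 preconditions described above. Assumed vm2 allowlist
// semantics: '*' admits every builtin, an exact name admits that builtin,
// and a '-name' entry excludes it. Only the object form of `require` is
// inspected; `require: true` is treated as "no builtin list" here.

// Effective decision for one builtin name under a vm2 `require.builtin` array.
function builtinAllowed(builtinList, name) {
  if (!Array.isArray(builtinList)) return false;
  const excluded = builtinList.includes('-' + name);
  const allowed = builtinList.includes('*') || builtinList.includes(name);
  return allowed && !excluded;
}

// Every vm2 release before 3.11.0 is affected. Compare numerically so that
// "3.9.19" sorts below "3.11.0" (a plain string compare gets this wrong).
// Returns null for a version string that cannot be parsed.
function isVulnerableVersion(version) {
  if (!version) return null;
  const parts = String(version).replace(/^v/, '').split('.').map(Number);
  if (parts.some(Number.isNaN)) return null;
  const [major = 0, minor = 0] = parts;
  if (major !== 3) return major < 3;
  return minor < 11;
}

// Audit one NodeVM option object together with the installed vm2 version.
// Returns an array of finding strings; an empty array means neither
// precondition is present.
function auditNodeVMOptions(opts, vm2Version) {
  const findings = [];
  const builtin = opts && opts.require && opts.require.builtin;
  if (builtinAllowed(builtin, 'module')) {
    const via = builtin.includes('module') ? "explicit 'module' entry" : "'*' wildcard";
    findings.push(`'module' builtin reachable via ${via}: Module._load() is exposed to the sandbox`);
  }
  if (isVulnerableVersion(vm2Version)) {
    findings.push(`vm2 ${vm2Version} is below 3.11.0: upgrade`);
  }
  return findings;
}

// Constructed sample configurations (illustrative, not from any real deployment).
const SAMPLE_CONFIGS = {
  wildcard:  { require: { builtin: ['*'] } },             // precondition: '*' admits 'module'
  explicit:  { require: { builtin: ['fs', 'module'] } },  // precondition: 'module' named outright
  hardened:  { require: { builtin: ['fs', 'path'] } },    // explicit list without 'module'
  excluded:  { require: { builtin: ['*', '-module'] } },  // '*' with 'module' excluded
  noRequire: { console: 'inherit' },                      // require disabled entirely
};

// Run the audit over every sample configuration for one vm2 version.
function auditAll(configs, vm2Version) {
  const report = {};
  for (const [name, opts] of Object.entries(configs)) {
    report[name] = auditNodeVMOptions(opts, vm2Version);
  }
  return report;
}

const REPORT = auditAll(SAMPLE_CONFIGS, '3.10.5');
console.log(JSON.stringify(REPORT, null, 2));
```

This is a static configuration audit only; it cannot see what sandboxed code does at runtime, so it complements rather than replaces the Module._load() and child_process indicators above. The `excluded` case is reported as safe only under the assumed `'-name'` exclusion semantics; the fix the sources give is upgrading to 3.11.0 regardless of configuration.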
CVSS provenance
- NVD (v3.1): 9.9 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Red Hat (vendor): 9.9 CRITICAL
VulDB
patriksimek vm2 up to 3.10.x Module._load authorization (GHSA-947f-4v7f-x2v8)
vuldb·2026-05-13·CVSS 9.9·CRITICAL
A vulnerability classified as critical was found in patriksimek vm2 up to 3.10.x. This issue affects the function Module._load. Executing a manipulation can lead to incorrect authorization.
The identification of this vulnerability is CVE-2026-43999. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
GHSA
vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape
ghsa·2026-05-07·CRITICAL·CWE-863
## Summary
NodeVM's `builtin` allowlist can be bypassed when the `module` builtin is allowed (including via the `'*'` wildcard). The `module` builtin exposes Node's `Module._load()`, which loads any module by name directly in the host context, completely bypassing vm2's builtin restriction. This allows sandboxed code to load excluded builtins like `child_process` and achieve remote code execution.
## Severity
**Critical** (CVSS 3.1: 9.9)
`CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`
- **Attack Vector:** Network — sandboxed code is typically received from external sources (user-submitted scripts, plugin code)
- **Attack Complexity:** Low — no special conditions required; `['*', '-
Red Hat
vm2: Remote code execution via NodeVM builtin allowlist bypass
vendor_redhat·2026-05-13·CVSS 9.9·CRITICAL·CWE-829
A flaw was found in vm2 (before 3.11.0). When the module builtin is allowed (including via wildcard), sandboxed code can call Module._load() in the host context, bypassing the builtin allowlist and loading excluded modules such as child_process for r
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-43999 vm2: Remote code execution via NodeVM builtin allowlist bypass
bugzilla·2026-05-13·CVSS 9.9·CRITICAL
Hackernews
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
blogs_hackernews·2026-05-07·CVSS 10.0·CVE-2026-24118 [CRITICAL]
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment.
The security flaws are listed below -
CVE-2026-24118 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via "__lookupGette
References
- https://github.com/patriksimek/vm2/security/advisories/GHSA-947f-4v7f-x2v8
- https://access.redhat.com/security/cve/CVE-2026-43999
- https://bugzilla.redhat.com/show_bug.cgi?id=2477196
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43999.json