CVE-2026-44002
Published: 2026-05-13
Priority: P4 · 32 · medium
CVSS 3.1 score: 5.8
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
EPSS: 0.24% (15.1th percentile)
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class (intended as a safe wrapper for V8's native CallSite) blocks getThis() and getFunction() to prevent host object leakage, but allows getFileName() to return unsanitized host absolute paths. Any sandboxed code can extract the full directory structure, library paths, and framework versions of the host server. This vulnerability is fixed in 3.11.0.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform | automation-portal | — | — |
| patriksimek | vm2 | < 3.11.0 | 3.11.0 |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | < 3.11.0 | 3.11.0 |
| vm2_project | vm2 | >= 0 < 3.11.0 | 3.11.0 |
CVSS provenance
NVD (v3.1): 5.8 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Red Hat (vendor): 5.8 MEDIUM
VulDB
patriksimek vm2 up to 3.10.x getThis/getFunction information exposure (GHSA-v27g-jcqj-v8rw)
vuldb · 2026-05-13 · CVSS 5.8 · MEDIUM
A vulnerability categorized as problematic has been discovered in patriksimek vm2 up to 3.10.x. Affected by this issue is the function getThis/getFunction. The manipulation results in information exposure through error message.
This vulnerability is reported as CVE-2026-44002. The attack can be launched remotely. No exploit exists.
It is advisable to upgrade the affected component.
GHSA
vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak
ghsa · 2026-05-07 · MEDIUM · CWE-209
### Summary
vm2's `CallSite` wrapper class (intended as a safe wrapper for V8's native CallSite) blocks `getThis()` and `getFunction()` to prevent host object leakage, but allows `getFileName()` to return unsanitized host absolute paths. Any sandboxed code can extract the full directory structure, library paths, and framework versions of the host server.
### Details
In `lib/setup-sandbox.js:436-466`, the `CallSite` class overrides `getThis()` and `getFunction()` with `undefined` to prevent host object references from leaking into the sandbox. However, the following methods pass through unsanitized values from the original V8 CallSite object:
- `getFileName()` — returns host absolute paths like `/app/node_mod
Red Hat
vm2: Information disclosure through unsanitized host paths
vendor_redhat · 2026-05-13 · CVSS 5.8 · MEDIUM · CWE-791
A flaw was found in vm2 (before 3.11.0). The CallSite wrapper blocks getThis() and getFunction() but returns unsanitized host absolute paths from getFileName(), allowing sandboxed code to learn host directory layout, library paths, and framework versions. Fixed in 3.11.0.
Statement: vm2 is vul
No detection rules found.
No public exploits indexed.