CVE-2026-44008
Published 2026-05-13
Priority P262 · critical · CVSS 3.1: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS: 0.85% (53.6th percentile)
vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, the new method neutralizeArraySpeciesBatch works with objects from the other side but can call into this side via getter on the array prototype exposing objects of the wrong side into the sandbox. This can be used to get host objects and get the host Function object. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This vulnerability is fixed in 3.11.2.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform | automation-portal | — | — |
| patriksimek | vm2 | < 3.11.2 | 3.11.2 |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | < 3.11.2 | 3.11.2 |
| vm2_project | vm2 | >= 0 < 3.11.2 | 3.11.2 |
Detection & IOCs (extracted from sources)
- The vulnerable method `neutralizeArraySpeciesBatch` in vm2 can be triggered by a getter on the array prototype from within the sandbox, exposing host-side objects including the host Function object — monitor sandboxed code submissions that manipulate Array.prototype getters or species properties.
- Exploitation allows escape from the VM2 sandbox and arbitrary command execution on the host; monitor for unexpected child process spawning or shell execution originating from Node.js processes running vm2 prior to version 3.11.2.
- A remote unauthenticated attacker who can submit sandboxed code may escape the sandbox — treat any externally-supplied code executed via vm2 < 3.11.2 as a high-risk vector and alert on network-originated code submissions to vm2-backed services.
- The vulnerability exists specifically in vm2 versions prior to 3.11.2; the fix is to upgrade to 3.11.2 or later. Verify the installed vm2 version in Node.js environments to determine exposure.
- Red Hat packages rhdh/rhdh-hub-rhel9 (Red Hat Developer Hub) and ansible-automation-platform/automation-portal (Self-service automation portal 2) were listed as under investigation at time of publication — patch status may have changed.
CVSS provenance
- nvd: v3.1, 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- vendor_redhat: 9.8 CRITICAL
Red Hat
vm2: vm2: Arbitrary code execution due to sandbox escape
vendor_redhat·2026-05-13·CVSS 9.8
CVE-2026-44008 [CRITICAL] CWE-1100 vm2: vm2: Arbitrary code execution due to sandbox escape
A flaw was found in vm2 (before 3.11.2). The neutralizeArraySpeciesBatch method can invoke host-side getters on array prototypes, exposing host objects and the host Function into the sandbox for escape and arbitrary command execution. Fixed in 3.
VulDB
patriksimek vm2 up to 3.11.1 neutralizeArraySpeciesBatch exposure of resource (GHSA-9qj6-qjgg-37qq)
vuldb·2026-05-13·CVSS 9.8
CVE-2026-44008 [CRITICAL] patriksimek vm2 up to 3.11.1 neutralizeArraySpeciesBatch exposure of resource (GHSA-9qj6-qjgg-37qq)
A vulnerability labeled as critical has been found in patriksimek vm2 up to 3.11.1. This vulnerability affects the function neutralizeArraySpeciesBatch. Such manipulation leads to exposure of resource.
This vulnerability is traded as CVE-2026-44008. The attack may be launched remotely. There is no exploit available.
The affected component should be upgraded.
GHSA
vm2 has sandbox breakout via `neutralizeArraySpeciesBatch`
ghsa·2026-05-08
CVE-2026-44008 [CRITICAL] CWE-668 vm2 has sandbox breakout via `neutralizeArraySpeciesBatch`
### Summary
VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system.
### Details
The new method `neutralizeArraySpeciesBatch` works with objects from the other side but can call into this side via getter on the array prototype exposing objects of the wrong side into the sandbox. This can be used to get host objects and get the host `Function` object.
### PoC
```js
const {VM} = require("vm2");
const vm = new VM();
console.log(vm.run(`
const a = [];
Object.defineProperty(Array.prototype, 0, {
set(value) {
a.f = Buffer.prototype.inspect;
value.arr.f.constructor.constructor("return process")().mainModule.require(
// (PoC is cut off at this point in the source)
```
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-44008 vm2: vm2: Arbitrary code execution due to sandbox escape
bugzilla·2026-05-13·CVSS 9.8
CVE-2026-44008 [CRITICAL] CVE-2026-44008 vm2: vm2: Arbitrary code execution due to sandbox escape
Hackernews
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
blogs_hackernews·2026-05-07·CVSS 10.0
CVE-2026-24118 [CRITICAL] vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
## vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems.
vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox by intercepting and proxying JavaScript objects to prevent sandboxed code from accessing the host environment.
The security flaws are listed below -
CVE-2026-24118 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via "__lookupGette
Published 2026-05-13