CVE-2026-47139
published 2026-06-12
Severity: high, CVSS 3.1 base score 8.6 (vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N), priority P354
EPSS: 0.28% (19.9th percentile)
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes underscored internal HTTP builtins such as _http_client and _http_server. These are not blocked when the public modules are excluded. Sandboxed code can use these internal builtins to make outbound HTTP requests and open listening HTTP sockets even though the public network modules are denied. This issue has been patched in version 3.11.4.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ansible-automation-platform | automation-portal | — | — |
| patriksimek | vm2 | < 3.11.4 | 3.11.4 |
| rhdh | rhdh-hub-rhel9 | — | — |
| vm2_project | vm2 | >= 0 < 3.11.4 | 3.11.4 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
| vendor_redhat | — | 8.6 | HIGH | — |
GHSA (published 2026-05-29, severity HIGH, CWE-693): NodeVM network builtin exclusions bypass via internal _http_client and _http_server
## Summary
`NodeVM` supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to `http`, `https`, `http2`, `net`, `dgram`, `tls`, `dns`, and `dns/promises` is blocked.
However, Node.js also exposes underscored internal HTTP builtins such as `_http_client` and `_http_server`. These are not blocked when the public modules are excluded.
Sandboxed code can use these internal builtins to make outbound HTTP requests and open listening HTTP sockets even though the public network modules are denied.
**Note**: This is not host RCE. It is a network capability bypass that can lead to SSRF-style access to internal services.
## Details
The wildcard builtin
Red Hat (vendor_redhat, published 2026-06-12, CVSS 8.6, severity HIGH, CWE-1100): vm2: Sandbox escape via internal HTTP built-ins leading to network restriction bypass
A flaw was found in vm2, a Node.js sandbox. This vulnerability allow
No detection rules found.
No public exploits indexed.