Threat Advisory

Critical vm2 Vulnerabilities Enable Host Code Execution

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High

EXECUTIVE SUMMARY:

Multiple security vulnerabilities have been identified in the vm2 sandbox library (npm package vm2) affecting all releases up to and including version 3.11.3. The issues comprise a network-builtin exclusion bypass that enables SSRF-style outbound requests and a denylist bypass that grants sandboxed code the ability to execute arbitrary commands in the host process. Both flaws arise from incomplete filtering of internal Node.js modules such as “_http_client”, “process”, and “inspector/promises”. An attacker who can inject untrusted JavaScript into a NodeVM configured with the vulnerable builtin settings could gain unauthorized network access, read or modify internal services, and potentially achieve full remote code execution, exposing sensitive data and disrupting operations.

  • CVE-2026-47139 with a CVSS score of 8.6 – The vulnerability allows sandboxed code to require internal modules like _http_client and _http_server, bypassing the intended exclusion of public network builtins and enabling outbound HTTP requests or listening sockets. An attacker must be able to execute untrusted JavaScript inside a NodeVM that uses the wildcard builtin configuration with network modules excluded.
  • CVE-2026-47140 with a CVSS score of 10.0 – This flaw lets sandboxed code require the process and inspector/promises modules, which are omitted from the denylist, permitting the loading of child_process and execution of host commands or evaluation of code via the Inspector protocol. Exploitation requires the ability to run untrusted JavaScript in a NodeVM where these modules are not blocked, such as when the wildcard “*” builtin is permitted.

Both vulnerabilities present an immediate risk of full compromise of the host application, potentially leading to data leakage, unauthorized service interaction, and complete loss of control over the execution environment. Organizations should treat these findings as high priority and assess any deployments of vm2 that allow untrusted code to ensure exposure is mitigated.

RECOMMENDATION:

  • We recommend that you update vm2 to version 3.11.4.
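As an added example (not code from the advisory or from the vm2 project), the following Node.js helpers check a deployment for the two conditions described above: a vm2 version below 3.11.4, read from package-lock.json, and NodeVM options that grant builtins through the “*” wildcard rather than an explicit allowlist. It assumes vm2's `require.builtin` array convention in which a leading “-” excludes a module name; the lockfile and option objects are constructed samples, and the module names checked are the ones this advisory lists.

```javascript
// Added example (not advisory or vm2 project code): audit helpers for the two conditions above.
const FIXED_VERSION = '3.11.4';

// Numeric comparison of dotted versions: negative if a < b, 0 if equal, positive if a > b.
function compareVersions(a, b) {
  const pa = a.split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Every release below the fixed version is in the affected range (up to and including 3.11.3).
function isVulnerableVersion(version) {
  return compareVersions(version, FIXED_VERSION) < 0;
}

// Read the installed vm2 version from package-lock.json text (v2/v3 "packages" map, then v1 "dependencies").
function vm2VersionFromLock(lockText) {
  const lock = JSON.parse(lockText);
  const entry = (lock.packages && lock.packages['node_modules/vm2']) ||
                (lock.dependencies && lock.dependencies.vm2);
  return entry ? entry.version : null;
}

// Audit a NodeVM options object. Assumption about vm2's `require.builtin` array: '*' allows every
// builtin and a leading '-' excludes one name. An explicit allowlist (no '*') yields no findings.
function auditNodeVMOptions(options) {
  const findings = [];
  const builtin = (options.require && options.require.builtin) || [];
  if (!builtin.includes('*')) return findings;
  findings.push("wildcard '*' builtin: internal modules are reachable unless excluded by name");
  const excluded = new Set(builtin.filter(n => n.startsWith('-')).map(n => n.slice(1)));
  // Excluding only the public network modules does not cover the internal ones the advisory names.
  for (const internal of ['_http_client', '_http_server']) {
    if ((excluded.has('http') || excluded.has('https')) && !excluded.has(internal)) {
      findings.push(`network exclusion leaves internal module '${internal}' reachable`);
    }
  }
  for (const name of ['process', 'inspector/promises']) {
    if (!excluded.has(name)) findings.push(`'${name}' is reachable under the wildcard`);
  }
  return findings;
}

// Constructed sample inputs, not taken from any real deployment.
const SAMPLE_LOCK = JSON.stringify({ lockfileVersion: 3, packages: { 'node_modules/vm2': { version: '3.11.3' } } });
const WEAK_OPTIONS = { require: { external: true, builtin: ['*', '-http', '-https', '-net'] } };
const HARDENED_OPTIONS = { require: { external: true, builtin: ['path', 'util'] } };
```

Run `auditNodeVMOptions` against each place a NodeVM is constructed and `isVulnerableVersion(vm2VersionFromLock(...))` against each lockfile; a deployment is clear only when both return nothing to report.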

REFERENCES:

The following reports contain further technical details:
https://github.com/advisories/GHSA-r9pm-gxmw-wv6p
https://github.com/advisories/GHSA-rp36-8xq3-r6c4
