Skip to main content

vm2 CVE-2026-24120

| EUVDEUVD-2026-26986 CRITICAL
Protection Mechanism Failure (CWE-693)
2026-05-04 GitHub_M GHSA-qvjj-29qf-hp7p
9.8
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Red Hat
9.1 HIGH
qualitative

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

7
Patch available
May 04, 2026 - 18:32 EUVD
Source Code Evidence Fetched
May 04, 2026 - 17:45 vuln.today
Analysis Generated
May 04, 2026 - 17:45 vuln.today
Patch released
May 04, 2026 - 17:16 nvd
Patch available
EUVD ID Assigned
May 04, 2026 - 17:15 euvd
EUVD-2026-26986
Analysis Generated
May 04, 2026 - 17:15 vuln.today
CVE Published
May 04, 2026 - 16:31 nvd
CRITICAL 9.8

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 11 npm packages depend on vm2 (1 direct, 10 indirect)

Ecosystem-wide dependent count for version 3.10.5.

DescriptionCVE.org

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.10.5.

AnalysisAI

Sandbox escape in vm2 for Node.js allows remote unauthenticated attackers to execute arbitrary commands on the host system. The vulnerability represents an insufficient fix for CVE-2023-37466, enabling attackers to circumvent sandbox protections through multiple attack vectors including Function constructor extraction, proxy unwrapping, property descriptor manipulation, and WebAssembly JSTag exploitation. CVSS 9.8 (Critical) with EPSS data unavailable, but the existence of a detailed security advisory and comprehensive patch from GitHub indicates active vendor awareness and rapid response. Patched in version 3.10.5 with eleven distinct fixes addressing various bypass techniques.

Technical ContextAI

vm2 is a Node.js library (cpe:2.3:a:patriksimek:vm2) designed to provide sandboxed JavaScript execution environments for untrusted code. This vulnerability stems from CWE-693 (Protection Mechanism Failure), where the original security controls meant to isolate VM2 sandbox contexts from the host Node.js runtime can be bypassed. The attack surface includes multiple JavaScript language features: the Function constructor (which can compile and execute arbitrary code), Object property descriptors (getOwnPropertyDescriptor), prototype manipulation (setPrototypeOf), proxy objects that can unwrap sandbox boundaries, util.inspect internals (doPreventExtensions, getFactory), error handling mechanisms (SuppressedError), and WebAssembly's JSTag feature in Node.js 25+. The fundamental issue is that JavaScript's dynamic nature and reflective capabilities provide numerous pathways to access host-level constructors and execute code outside the intended sandbox boundary. The patch addresses eleven distinct bypass vectors discovered after the CVE-2023-37466 remediation, indicating sophisticated sandbox escape chains.

RemediationAI

Upgrade immediately to vm2 version 3.10.5 or later as documented in the release notes at https://github.com/patriksimek/vm2/releases/tag/v3.10.5. For Node.js applications, update package.json dependencies to specify vm2 ^3.10.5 or >=3.10.5 and run npm update or yarn upgrade. If immediate upgrade is not feasible, consider temporary compensating controls with significant operational impact: disable all user-supplied JavaScript execution features that rely on vm2 until patching is complete (breaks core functionality); implement strict input validation to reject code containing suspicious patterns like 'Function', 'constructor', 'prototype', '__proto__', 'Proxy', 'WebAssembly', though determined attackers can obfuscate these (bypassable, reduces usability); run vm2-dependent processes in isolated containers or VMs with minimal host access and network segmentation (adds infrastructure complexity, does not eliminate risk if container escape techniques exist); or migrate to alternative sandboxing solutions like isolated-vm or Deno's permission model (requires significant code refactoring, testing effort). Note that compensating controls for sandbox escapes are inherently weak since the core security boundary has failed - patching to 3.10.5 is the only reliable mitigation.

CVE-2024-55591 CRITICAL POC
9.8 Jan 14

FortiOS and FortiProxy contain an authentication bypass via the Node.js websocket module allowing unauthenticated remote

CVE-2014-7205 CRITICAL POC
10.0 Oct 08

Eval injection vulnerability in the internals.batch function in lib/batch.js in the bassmaster plugin before 1.5.2 for t

CVE-2025-59528 CRITICAL POC
10.0 Sep 22

Flowise version 3.0.5 contains a remote code execution vulnerability in the CustomMCP node. The mcpServerConfig paramete

CVE-2017-14849 HIGH POC
7.5 Sep 28

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was inc

CVE-2017-5941 CRITICAL POC
9.8 Feb 09

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Rated critical severity (CVSS 9.8), this vulner

CVE-2014-3744 HIGH POC
7.5 Oct 23

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary fi

CVE-2014-9566 HIGH POC
7.5 Mar 10

Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwin

CVE-2013-4660 MEDIUM POC
6.8 Jun 28

The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, whic

CVE-2015-5688 MEDIUM POC
5.0 Sep 04

Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2014-7192 CRITICAL POC
10.0 Dec 11

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rat

CVE-2013-4450 MEDIUM POC
5.0 Oct 21

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of se

Vendor StatusVendor

Share

CVE-2026-24120 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy