vm2 CVE-2026-44008

CRITICAL (CVSS 3.1 base score 9.8)
Exposure of Resource to Wrong Sphere (CWE-668)
2026-05-08 · https://github.com/patriksimek/vm2 · GHSA-9qj6-qjgg-37qq

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Source Code Evidence Fetched: May 08, 2026 - 16:33 (vuln.today)
Analysis Generated: May 08, 2026 - 16:33 (vuln.today)
CVE Published: May 08, 2026 - 15:58 (nvd)

Blast Radius

Ecosystem impact (transitive dependency graph; vuln.today resolves 4-path depth):
  • 10 npm packages depend on vm2 (2 direct, 8 indirect)

Ecosystem-wide dependent count for version 3.11.2.

Description (NVD)

Summary

VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system.

Details

The new neutralizeArraySpeciesBatch method works with objects from the other side of the sandbox boundary, but it can be made to call back into this side via a getter on the array prototype, which exposes objects of the wrong side into the sandbox. This can be used to obtain host objects and, from them, the host Function object.

PoC

```js
const {VM} = require("vm2");
const vm = new VM();
console.log(vm.run(`
const a = [];
Object.defineProperty(Array.prototype, 0, {
  set(value) {
    a.f = Buffer.prototype.inspect;
    value.arr.f.constructor.constructor("return process")().mainModule.require('child_process').execSync('touch pwned');
  }
});
new Buffer(a);
`));
```

Impact

Attackers can achieve remote code execution, under the assumption that they can already execute arbitrary code inside the context of a vm2 sandbox.

Analysis (AI)

Remote code execution in the vm2 npm package (versions ≤3.11.1) allows attackers to escape the JavaScript sandbox via a prototype pollution technique targeting the neutralizeArraySpeciesBatch method. By installing a setter on Array.prototype[0] and triggering a Buffer allocation, attackers gain access to the host Function constructor and can execute arbitrary system commands. …


Remediation (AI)

Within 24 hours: Identify all applications and services using vm2 ≤3.11.1 via dependency scanning (npm audit, SBOM review). Within 7 days: Upgrade vm2 to version 3.11.2 or later across all affected systems, or immediately remove vm2 if alternate sandboxing solutions exist. …
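As an added example (not vuln.today's or the vm2 project's own code) of the dependency scan the remediation step calls for, the script below walks an npm lockfile's packages map and flags every vm2 entry below 3.11.2, transitive copies included; the lockfile it runs on is constructed.

```javascript
// Added example (not vuln.today's or vm2's own code): scan an npm lockfile's
// "packages" map (lockfileVersion 2/3) for vm2 entries below the fixed release
// named in the advisory, including copies nested under other packages.
const FIXED_VERSION = "3.11.2"; // first fixed release per the advisory

// Parse "3.11.1", "v3.11.1" or "3.11.1-rc.1" into [major, minor, patch];
// prerelease/build suffixes are dropped, so "3.11.2-rc.1" counts as fixed.
function parseVersion(v) {
  const parts = v.replace(/^v/, "").split(/[-+]/)[0].split(".").map(Number);
  return parts.length === 3 && !parts.some(Number.isNaN) ? parts : null;
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Below FIXED_VERSION? Unparseable strings are reported as affected so they
// get a manual look instead of silently passing.
function isVulnerable(version) {
  const parsed = parseVersion(String(version));
  return parsed === null || compareVersions(parsed, parseVersion(FIXED_VERSION)) < 0;
}

// Every vm2 install path in the lockfile whose version is affected.
function findVulnerableVm2(lockfile) {
  const hits = [];
  for (const [path, entry] of Object.entries(lockfile.packages || {})) {
    // Keys look like "node_modules/vm2" or "node_modules/x/node_modules/vm2".
    if (!/(^|\/)node_modules\/vm2$/.test(path)) continue;
    if (isVulnerable(entry.version)) hits.push({ path, version: entry.version });
  }
  return hits;
}

// Constructed sample lockfile: a direct vm2 at an affected version and a
// nested copy already on the fixed release.
const SAMPLE_LOCKFILE = {
  lockfileVersion: 3,
  packages: {
    "": { name: "app", dependencies: { vm2: "^3.9.0" } },
    "node_modules/vm2": { version: "3.9.19" },
    "node_modules/some-plugin": { version: "1.0.0" },
    "node_modules/some-plugin/node_modules/vm2": { version: "3.11.2" },
  },
};

for (const hit of findVulnerableVm2(SAMPLE_LOCKFILE)) console.log(`${hit.path}: vm2 ${hit.version} affected, upgrade to >=${FIXED_VERSION}`);
```

To check a real project, pass the parsed contents of its package-lock.json to findVulnerableVm2 instead of SAMPLE_LOCKFILE.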

