CRITICAL 10.0 CVE-2026-47140 NodeVM builtin denylist bypass via process and inspector/promises allows host code execution
from 0, < 3.11.4
CRITICAL 10.0 CVE-2026-47137 vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE
from 0, < 3.11.4
CRITICAL 10.0 CVE-2026-47208 vm2 is Vulnerable to Sandbox Breakout Through Promise Species
from 0, < 3.11.4
CRITICAL 10.0 vm2 has a Sandbox Escape issue
from 0, < 3.11.4
CRITICAL 10.0 vm2: Mutable Proxies for Host Intrinsic Prototypes Allows Sandbox Escape
>= 3.9.6, < 3.11.0
CRITICAL 10.0 vm2 Access to Host Object Enables Sandbox Escape
from 0, < 3.11.0
CRITICAL 10.0 vm2 has a Sandbox Escape Vulnerability
from 0, < 3.11.0
CRITICAL 10.0 vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host
from 0, < 3.9.11
CRITICAL 9.9 vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape
>= 3.10.5, < 3.11.0
CRITICAL 9.8 vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass
from 0, < 3.11.4
CRITICAL 9.8 vm2 Has a Sandbox Breakout Using Async Generator
from 0, < 3.11.3
CRITICAL 9.8 vm2 has Sandbox Breakout Through Null Proto Exception
from 0, < 3.11.2
CRITICAL 9.8 vm2 has sandbox breakout via `neutralizeArraySpeciesBatch`
from 0, < 3.11.2
CRITICAL 9.8 VM2 Has a WASM Sandbox Escape
>= 3.10.4, < 3.10.5
CRITICAL 9.8 VM2 Has a Sandbox Escape Issue via SuppressedError
from 0, < 3.11.0
CRITICAL 9.8 VM2 Has Sandbox Breakout Through Inspect Function
from 0, < 3.11.0
CRITICAL 9.8 VM2 Has Sandbox Breakout Through Promise Species
from 0, < 3.10.5
CRITICAL 9.8 VM2 Sandbox Breakout Through `__lookupGetter__`
from 0, < 3.11.0
CRITICAL 9.8 vm2 has a Sandbox Escape
from 0, < 3.10.2
CRITICAL 9.8 vm2 Sandbox Escape vulnerability
from 0, < 3.10.0
CRITICAL 9.8 vm2 Sandbox Escape vulnerability
from 0, <= 3.9.19
CRITICAL 9.8 vm2 Sandbox Escape vulnerability
from 0, < 3.9.18
CRITICAL 9.8 vm2 Sandbox Escape vulnerability
from 0, < 3.9.17
CRITICAL 9.8 vm2 Sandbox Escape vulnerability
from 0, < 3.9.16
CRITICAL 9.8 vm2 vulnerable to sandbox escape
from 0, < 3.9.15
CRITICAL 9.8 vm2 vulnerable to Arbitrary Code Execution
from 0, < 3.9.10
CRITICAL 9.8 Sandbox bypass in vm2
from 0, < 3.9.6
CRITICAL 9.8 Prototype Pollution in vm2
from 0, < 3.9.4
CRITICAL 9.1 vm2 NodeVM `nesting: true` bypasses `require: false` allowing sandbox escape and arbitrary OS command execution
from 0, < 3.11.1
HIGH 8.7 vm2 has a sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checks
from 0, < 3.11.4
HIGH 8.6 NodeVM network builtin exclusions bypass via internal _http_client and _http_server
from 0, < 3.11.4
HIGH 8.6 vm2's Bridge Proxy set trap ignores receiver parameter, enabling host object property injection via prototype chain
from 0, < 3.11.4
HIGH 8.6 vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)
from 0, < 3.11.0
HIGH 8.5 vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape
>= 3.10.5, < 3.11.0
HIGH 8.3 vm2 before 3.6.11 vulnerable to sandbox escape
from 0, < 3.6.11
HIGH 7.5 vm2 Sandbox Access to Host Buffer.alloc Allows timeout Bypass Resulting in Memory Exhaustion
from 0, < 3.11.0
MEDIUM 6.5 vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary
from 0, < 3.11.0
MEDIUM 5.8 vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak
from 0, < 3.11.0
MEDIUM 5.3 vm2's Transformer Fast-Path Bypass Exposes Internal State Variable
from 0, < 3.11.0
MEDIUM 5.3 vm2 vulnerable to Inspect Manipulation
from 0, < 3.9.18
— NodeVM observability builtins leak host process and HTTP request data
from 0, < 3.11.4