Urgent: 13 Critical VM2 Sandbox Flaws Expose Hosts to Code Execution
Breaking: Multiple Critical Holes Found in Popular JavaScript Sandbox
Thirteen critical vulnerabilities have been identified in the vm2 JavaScript sandbox library, with two allowing full sandbox escape and arbitrary code execution on the host system. Developers are urged to upgrade to version 3.11.2 immediately.

The warnings come from Patrik Simek, vm2 maintainer, who published advisories detailing the flaws. The most severe, CVE-2026-26956, enables a complete sandbox break—giving attacker-controlled code the ability to run host commands without any cooperation from the host.
Researchers at Socket confirmed the vulnerability requires a specific environment: Node.js 25.6.1 with WebAssembly exception handling and JSTag support. “This is a narrow but high-impact vulnerability,” said Socket research engineer Wenxin Jiang. “When conditions line up, the security boundary fails completely.”
Shortly after the report, Socket issued an update noting the scope is broader than initially thought. Their testing found the flaw affects all vm2 versions before 3.10.5 on any Node.js runtime exposing WebAssembly.JSTag—including Node.js 24.x. Socket is releasing a patch for teams that cannot upgrade immediately.
Second Critical Flaw: CVE-2026-44007
Another critical hole, CVE-2026-44007, stems from improper access control in the nesting:true option combined with the legacy module resolver. This also permits full sandbox escape and arbitrary OS command execution.

The flaw was patched in vm2 version 3.11.1. Jiang emphasized both vulnerabilities deserve urgent attention, but the nesting issue “may be the one more organizations need to audit for immediately.”
Background
vm2 is an open-source virtual machine sandbox for Node.js, designed to run untrusted code safely inside a controlled environment. It limits access to whitelisted built-in modules.
The library is widely used in applications that execute user-supplied JavaScript, making these vulnerabilities particularly dangerous for software-as-a-service platforms, code playgrounds, and security analysis tools.
What This Means
For developers, the immediate action is to upgrade vm2 to the latest patched version (3.11.2) and verify that no deprecated versions remain in use. Teams using the library must also audit their Node.js runtime to ensure the vulnerable WebAssembly combination is not present.
Socket’s patch offers a temporary workaround for those who cannot upgrade. “Both vulnerabilities deserve urgent attention,” Jiang reiterated, “because when exploited, the sandbox becomes useless—host execution is game over for security.”
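One way to carry out the upgrade-and-audit steps described above is to script them. The following Node.js snippet is an added example, not code from the vm2 project, Socket, or the advisories: it walks a package-lock.json "packages" map for every installed copy of vm2 (including nested copies pulled in by other dependencies), compares each version against the fix versions the article gives (3.10.5 for CVE-2026-26956, 3.11.1 for CVE-2026-44007, 3.11.2 as the upgrade target), and reports whether the running Node.js exposes WebAssembly.JSTag, the runtime precondition for the first flaw. The lockfile fragment is constructed and the function names are assumptions of this example.

```javascript
// Added example (not vm2 project code): audit helpers for the two vm2 advisories.
// Fix versions are taken from the article: CVE-2026-26956 is fixed in 3.10.5,
// CVE-2026-44007 in 3.11.1, and 3.11.2 is the recommended upgrade target.

const FIXED = {
  'CVE-2026-26956': '3.10.5', // WebAssembly.JSTag-based sandbox escape
  'CVE-2026-44007': '3.11.1', // nesting:true + legacy module resolver
};
const RECOMMENDED = '3.11.2';

// Parse "3.10.5", "^3.10.5" or "3.10.5-beta" into [3, 10, 5]; missing or
// non-numeric components become 0 so comparisons never throw.
function parseVersion(v) {
  const core = String(v).trim().replace(/^[v^~]/, '').split('-')[0];
  const parts = core.split('.').map((p) => Number.parseInt(p, 10));
  while (parts.length < 3) parts.push(0);
  return parts.slice(0, 3).map((n) => (Number.isNaN(n) ? 0 : n));
}

// Negative if a < b, zero if equal, positive if a > b (major, minor, patch).
function compareVersions(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] - pb[i];
  }
  return 0;
}

// Return the CVE ids an installed vm2 version still falls under.
function affectedAdvisories(installedVersion) {
  return Object.entries(FIXED)
    .filter(([, fixedIn]) => compareVersions(installedVersion, fixedIn) < 0)
    .map(([cve]) => cve);
}

// Does this runtime expose WebAssembly.JSTag? The parameter exists so the
// check can be exercised against a constructed object as well as the real global.
function runtimeExposesJSTag(wasmGlobal = globalThis.WebAssembly) {
  return typeof wasmGlobal === 'object' && wasmGlobal !== null && 'JSTag' in wasmGlobal;
}

// Walk a package-lock.json (lockfileVersion 2 or 3) "packages" map and report
// every vm2 entry. Nested copies under other packages are matched too, which is
// what "verify that no deprecated versions remain in use" requires in practice.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/vm2$/.test(path)) continue;
    const cves = affectedAdvisories(meta.version);
    findings.push({
      path,
      version: meta.version,
      affected: cves,
      upgradeTo: cves.length ? RECOMMENDED : null,
    });
  }
  return findings;
}

// Constructed sample: a patched top-level vm2 plus a stale copy nested under a plugin.
const SAMPLE_LOCK = {
  packages: {
    'node_modules/vm2': { version: '3.11.2' },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.9.19' },
  },
};

// Stand-alone run: print the lockfile findings and the runtime check.
console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK), null, 2));
console.log('runtime exposes WebAssembly.JSTag:', runtimeExposesJSTag());
```

To run this against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`. A finding with a non-empty `affected` list means that copy of vm2 still needs upgrading even if the top-level dependency is already current, and a `true` from the runtime check means the CVE-2026-26956 precondition is present on that Node.js build.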