CVE-2026-47131
Status: Deferred - Pending Action
Prototype Pollution in vm2 Sandbox Escape

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: GitHub, Inc.

Description
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"), and Node.js's ERR_INVALID_ARG_TYPE Error, the host's TypeError constructor can be obtained, which allows the escape from the sandbox. This allows attackers to run arbitrary code. This issue has been patched in version 3.11.4.
Meta Information
Published: 2026-06-12
Last Modified: 2026-06-12
Generated: 2026-06-12
AI Q&A: 2026-06-12
EPSS Evaluated: N/A
Affected Vendors & Products (1 associated CPE)
Vendor: patriksimek; Product: vm2; Version / Range: up to 3.11.4 (exclusive)
CWE
CWE-913: The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.
AI Quick Actions (instant insights powered by AI)
Executive Summary

CVE-2026-47131 is a security vulnerability in the vm2 library, which is a sandbox for Node.js. The vulnerability allows sandboxed code to escape the sandbox by manipulating the prototype chain of host objects. Specifically, attackers exploit the apply trap in the bridge that lets sandbox code call host functions with a host object as the 'this' context. By using prototype-mutating functions like the '__proto__' setter or 'Object.setPrototypeOf', attackers can break the bridge's prototype-walking helpers, causing host objects to be returned unwrapped to the sandbox.

Once the host object is accessible, attackers can use 'e.constructor.constructor' to reach the host's Function object and execute arbitrary code, such as spawning a shell. The vulnerability was demonstrated using a Proof-of-Concept involving Buffer and triggering a host TypeError.

The issue was fixed in vm2 version 3.11.4 by implementing a two-layer defense: blocking sandbox calls to prototype-mutating functions and ensuring wrapped host objects are returned to prevent unwrapped host objects from reaching the sandbox.

Impact Analysis

This vulnerability can have severe impacts as it allows attackers to escape the vm2 sandbox and execute arbitrary code on the host system. This means an attacker could run malicious commands, spawn shells, or take full control of the environment running the vulnerable vm2 version.

The CVSS base score of 10.0 indicates critical severity: network attack vector, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability.

Detection Guidance

This vulnerability can be detected by checking if your system is running a vulnerable version of the vm2 library prior to 3.11.4.

Since the exploit involves sandboxed code manipulating prototype chains and invoking host functions, detection involves verifying the vm2 version and monitoring for suspicious usage of prototype-mutating functions, such as the Object.prototype.__proto__ setter or Object.setPrototypeOf, within sandboxed environments.

You can check the installed vm2 version by running the following command in your project directory:

  • npm list vm2

If you find a vulnerable version, you should also audit your logs or runtime behavior for unusual calls to prototype-mutating functions or unexpected errors related to Node.js ERR_INVALID_ARG_TYPE, which might indicate exploitation attempts.
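As an added example (not part of this CVE record and not code from the vm2 project), the following Node.js script performs the version check above against a package-lock.json instead of relying on a visual read of `npm list vm2` output: it walks the lockfile's "packages" map (lockfileVersion 2 or 3), reports every copy of vm2 installed below 3.11.4, including copies nested under another dependency, and compares versions numerically, since a plain string comparison would rank 3.9.19 above 3.11.4. The sample lockfile contents are constructed for the demonstration; the "packages" key layout is the one npm writes for lockfileVersion 2 and 3.

```javascript
// Added example, not from the CVE record or the vm2 project: flag vm2 installs
// below the patched version named in the advisory by walking the "packages"
// map of a package-lock.json (lockfileVersion 2 or 3).
const FIXED_VERSION = '3.11.4';

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]" into three integers.
function parseVersion(v) {
  const core = String(v).split(/[-+]/)[0];
  const parts = core.split('.').map((n) => parseInt(n, 10) || 0);
  while (parts.length < 3) parts.push(0);
  return parts.slice(0, 3);
}

// Numeric comparison: true when a < b. A plain string compare would wrongly
// rank "3.9.19" above "3.11.4".
function isBelow(a, b) {
  const pa = parseVersion(a);
  const pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i];
  }
  return false;
}

// lockfile: the object JSON.parse gives for package-lock.json. Returns every
// vm2 entry (top-level or nested under another dependency) below FIXED_VERSION.
function findVulnerableVm2(lockfile) {
  const hits = [];
  for (const [path, meta] of Object.entries(lockfile.packages || {})) {
    // Keys look like "node_modules/vm2" or "node_modules/x/node_modules/vm2";
    // an aliased install carries the real package name in meta.name.
    const isVm2 = path.endsWith('node_modules/vm2') || meta.name === 'vm2';
    if (!isVm2 || !meta.version) continue;
    if (isBelow(meta.version, FIXED_VERSION)) {
      hits.push({ path, version: meta.version });
    }
  }
  return hits;
}

// Constructed sample lockfile: a vulnerable top-level vm2, a patched copy
// nested under a plugin, and an unrelated package whose name merely contains "vm2".
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/vm2': { version: '3.9.19' },
    'node_modules/some-plugin': { version: '2.0.0' },
    'node_modules/some-plugin/node_modules/vm2': { version: '3.11.4' },
    'node_modules/vm2-helpers': { version: '0.1.0' },
  },
};

// One human-readable line per finding (or a single "clean" line).
function report(lockfile) {
  const hits = findVulnerableVm2(lockfile);
  if (hits.length === 0) return [`no vm2 below ${FIXED_VERSION} found`];
  return hits.map((h) => `${h.path}: vm2 ${h.version} < ${FIXED_VERSION} (CVE-2026-47131)`);
}

console.log(report(SAMPLE_LOCK).join('\n'));
```

To run it against a real project, replace SAMPLE_LOCK with the parsed contents of that project's package-lock.json; the nested-path handling matters because a dependency may pin its own older vm2 even after the top-level copy has been upgraded.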

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade the vm2 library to version 3.11.4 or later, where the issue has been patched.

The patch implements a two-layer defense that blocks sandbox-initiated calls to dangerous prototype-mutating functions and prevents unwrapped host objects from reaching the sandbox.

Additionally, review your sandbox usage to ensure that no untrusted code can invoke host functions or manipulate prototype chains.

Compliance Impact

The vulnerability in vm2 allows attackers to escape the sandbox and execute arbitrary code on the host system. This can lead to unauthorized access, modification, or exfiltration of sensitive data.

Such unauthorized access and potential data breaches can impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls over data confidentiality, integrity, and access.

If exploited, this vulnerability could result in violations of these regulations due to compromised data security and privacy.
