CVE-2026-47141
Status: Deferred - Pending Action
Information Leak via Process Observability in vm2

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: GitHub, Inc.

Description
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnostics_channel, async_hooks, and perf_hooks builtins are not blocked by the dangerous builtin denylist. These modules are process-wide, not sandbox-local. Sandboxed code can use them to observe host application data across the vm2 boundary. This issue has been patched in version 3.11.4.
Affected Vendors & Products

Vendor: patriksimek
Product: vm2
Version / Range: all versions prior to 3.11.4 (upper bound 3.11.4, exclusive)
CWE

CWE-668 (Exposure of Resource to Wrong Sphere): The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Executive Summary

CVE-2026-47141 is a security vulnerability in the vm2 library, specifically in the NodeVM sandbox for Node.js. The issue arises because certain process-wide observability builtins such as diagnostics_channel, async_hooks, perf_hooks, and v8 were not blocked by the sandbox's denylist. These modules allow sandboxed code to access sensitive host process data without needing to execute code outside the sandbox.

This means that untrusted JavaScript code running inside the sandbox could read sensitive information like HTTP request headers (including authorization tokens), async context user IDs, performance marks containing request or user data, and even the entire V8 heap. The vulnerability is classified as an information disclosure issue rather than a remote code execution threat.

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information from the host application to sandboxed code. Specifically, sandboxed code can observe and extract data such as HTTP request headers (including authorization or session tokens), request context values, user identifiers, and other diagnostic data that should remain private.

The impact depends on whether the host application uses these observability builtins and allows them within the sandbox environment. If so, attackers could gain access to sensitive user or application data, potentially compromising user privacy and security.

Detection Guidance

This vulnerability involves the vm2 library's NodeVM allowing sandboxed code to access certain process-wide observability builtins such as diagnostics_channel, async_hooks, and perf_hooks. Detection involves checking if your system is running a vulnerable version of vm2 (prior to 3.11.4) and if these builtins are allowed through require.builtin in your sandbox configuration.

To detect this on your system, you can:

  • Check the installed vm2 package version using npm or yarn commands, for example: `npm list vm2` or `yarn list vm2`.
  • Inspect your Node.js application code or configuration to see if the sandboxed environment uses NodeVM and if the require.builtin allowlist includes diagnostics_channel, async_hooks, or perf_hooks.
  • Look for usage of these builtins in sandboxed code or logs that might indicate access to process-wide observability modules.

The referenced resources give no network-level command or signature for detecting exploitation attempts: this is an in-process information disclosure inside the sandbox, not a network-based attack, so detection rests on the version and configuration review above.

Mitigation Strategies

The primary mitigation step is to upgrade the vm2 package to version 3.11.4 or later, where this vulnerability has been patched.

This update extends the denylist of dangerous builtins to include diagnostics_channel, async_hooks, perf_hooks, and v8, preventing sandboxed code from accessing process-wide observability modules.

Additionally, review your sandbox configuration to ensure that the require.builtin allowlist does not include these sensitive modules unless absolutely necessary.

If upgrading immediately is not possible, consider restricting or disabling the use of these builtins in your sandbox environment to limit information disclosure.
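The version and allowlist review described under Detection Guidance and Mitigation Strategies, as an added audit helper written for this page (not vm2's own code). It assumes a NodeVM options object shaped like `{ require: { builtin: [...] } }`, with `'*'` meaning every builtin as vm2's README describes, and treats a missing or non-array list as "no builtins allowed".

```javascript
// Added audit helper, not vm2's own code. Assumes NodeVM options shaped like
// { require: { builtin: ['fs', ...] } }, with '*' meaning every builtin (as in
// vm2's README); a missing or non-array list is treated as "no builtins allowed".
const PATCHED_VERSION = '3.11.4';
// Process-wide observability modules named in the advisory.
const PROCESS_WIDE_BUILTINS = ['diagnostics_channel', 'async_hooks', 'perf_hooks', 'v8'];

// Parse "3.11.3" or "v3.11.3" into [major, minor, patch].
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return m.slice(1, 4).map(Number);
}

// Numeric semver comparison: -1 if a < b, 0 if equal, 1 if a > b.
function compareVersions(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

function isVulnerableVersion(installed) {
  return compareVersions(installed, PATCHED_VERSION) < 0;
}

// Which process-wide modules the allowlist would let sandboxed code require.
function exposedBuiltins(nodeVmOptions) {
  const req = nodeVmOptions && nodeVmOptions.require;
  const builtin = req && req.builtin;
  if (!Array.isArray(builtin)) return [];
  if (builtin.includes('*')) return [...PROCESS_WIDE_BUILTINS];
  return PROCESS_WIDE_BUILTINS.filter((name) => builtin.includes(name));
}

// The leak needs a pre-3.11.4 vm2 AND an allowlist naming one of these modules
// (or '*'); from 3.11.4 on the dangerous-builtin denylist blocks them regardless.
function auditNodeVm(installedVersion, nodeVmOptions) {
  const vulnerableVersion = isVulnerableVersion(installedVersion);
  const exposed = exposedBuiltins(nodeVmOptions);
  const atRisk = vulnerableVersion && exposed.length > 0;
  let advice = 'not affected by CVE-2026-47141';
  if (atRisk) advice = `upgrade vm2 to >= ${PATCHED_VERSION} and remove ${exposed.join(', ')} from require.builtin`;
  else if (vulnerableVersion) advice = `upgrade vm2 to >= ${PATCHED_VERSION}`;
  else if (exposed.length > 0) advice = `denylisted since 3.11.4, but still drop ${exposed.join(', ')} from require.builtin`;
  return { vulnerableVersion, exposed, atRisk, advice };
}

// Constructed sample configuration (not taken from a real application).
const sampleOptions = { require: { builtin: ['fs', 'path', 'perf_hooks'] } };
console.log(auditNodeVm('3.11.3', sampleOptions));
```

Feed it the version printed by `npm list vm2` and the options object your application passes to `new NodeVM(...)`; an `atRisk` result means both conditions from the advisory hold at once.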

Compliance Impact

This vulnerability allows sandboxed code to access sensitive host process data such as HTTP request headers (including authorization or session tokens), user identifiers, and other diagnostics data. Such unauthorized exposure of sensitive personal or user data can lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive information.

Because the vulnerability enables information disclosure across sandbox boundaries, it may compromise confidentiality requirements mandated by these standards, potentially resulting in non-compliance if exploited.
