Message-ID: <CAJNb=Zp7rsHLU6s7KHLO-=DRmFSUz57f0JQqO3rd2BGGAO4wvQ@mail.gmail.com>
Date: Tue, 5 May 2026 10:57:45 -0700
From: Akshat Sinha <akshat.snh@...il.com>
To: oss-security@...ts.openwall.com
Subject: vm2: sandbox escape in NodeVM with nesting:true (CVE-2026-44007)

Package: patriksimek/vm2
Affected versions: <= 3.11.0
Fixed version: 3.11.1
Severity: Critical

vm2 before 3.11.1 is vulnerable to sandbox escape / host OS command
execution when `NodeVM` is used with `nesting: true` and untrusted code.

In the vulnerable case, sandboxed code can `require('vm2')` regardless of
the outer VM's `require` restrictions, including `require: false`, then
create an inner `NodeVM` with attacker-chosen settings and execute
arbitrary OS commands on the host.

The 3.11.1 fix rejects `new NodeVM({ nesting: true, require: false })` at
construction time. The maintainer also notes that `nesting: true` remains
an escape hatch by design; untrusted code should not be run with
`nesting: true` enabled.
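The fix described above is a construction-time rejection of one option combination. As an added example (not vm2's own code), the following JavaScript shows a defender-side pre-flight check that mirrors that behaviour and goes one step further by treating any `nesting: true` as a policy violation unless explicitly allowed. The check only inspects the options object, so it runs without vm2 installed; `createCheckedNodeVM`, the `allowNesting` policy flag and the `FakeNodeVM` stand-in are assumptions made for this example, and the findings it reports are derived from the advisory text, not from vm2's source.

```javascript
// Added example, not vm2's own code. Validates NodeVM options before the
// sandbox is constructed, mirroring the 3.11.1 behaviour (reject
// `nesting: true` together with `require: false`) and additionally refusing
// `nesting: true` for untrusted code unless the caller opts in.

function checkNodeVMOptions(options = {}, policy = {}) {
  const allowNesting = policy.allowNesting === true; // assumed policy flag
  const nesting = options.nesting === true;
  // vm2 accepts `require` as a boolean or as an object of fine-grained
  // settings; only the literal `false` disables it entirely.
  const requireDisabled = options.require === false;
  const findings = [];

  if (nesting && requireDisabled) {
    findings.push({
      level: 'error',
      reason:
        'nesting: true with require: false is the configuration trap fixed in ' +
        'vm2 3.11.1; on <= 3.11.0 require: false does not stop sandboxed code ' +
        'from loading vm2',
    });
  }
  if (nesting && !allowNesting) {
    findings.push({
      level: 'error',
      reason:
        'nesting: true is an escape hatch by design; do not enable it when ' +
        'running untrusted code',
    });
  }
  return { ok: findings.every((f) => f.level !== 'error'), findings };
}

// Wrapper that enforces the check before handing the options to a NodeVM
// constructor. The constructor is passed in so the example runs offline;
// in real code it would be `require('vm2').NodeVM`.
function createCheckedNodeVM(NodeVMCtor, options, policy) {
  const result = checkNodeVMOptions(options, policy);
  if (!result.ok) {
    throw new Error(
      'Refusing to construct NodeVM: ' +
        result.findings.map((f) => f.reason).join('; ')
    );
  }
  return new NodeVMCtor(options);
}

// Stand-in constructor, constructed for this example only.
class FakeNodeVM {
  constructor(options) {
    this.options = options;
  }
}

// Demonstration: the trap configuration yields two findings, a plain
// `require: false` sandbox without nesting passes.
const trapReport = checkNodeVMOptions({ nesting: true, require: false });
console.log('trap config ok?', trapReport.ok, trapReport.findings.length); // false 2
const safeReport = checkNodeVMOptions({ require: false });
console.log('no-nesting config ok?', safeReport.ok); // true
```

In practice the wrapper belongs at the single place where a service constructs sandboxes, so that a code review or a unit test can confirm `nesting: true` never reaches `NodeVM` on a path that evaluates untrusted input; upgrading to 3.11.1 is still required, because the wrapper only prevents the documented trap configuration rather than changing vm2's behaviour.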

References:
https://github.com/patriksimek/vm2/security/advisories/GHSA-8hg8-63c5-gwmx
https://github.com/patriksimek/vm2#5-nesting-true-is-an-escape-hatch
https://github.com/patriksimek/vm2/releases/tag/v3.11.1
https://github.com/patriksimek/vm2/blob/main/docs/ATTACKS.md#attack-category-25-nodevm-nesting-true--require-false-configuration-trap
