Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the vm2 Node.js sandboxing library allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and impacts vm2 version 3.10.4, although earlier releases may also be vulnerable. Proof of concept exploit code has been published. The maintainer says the issue only impacts environments with Node.js 25, confirmed on version 25.6.1, that have enabled WebAssembly exception handling and JSTag support. vm2 is an open source library used to run untrusted JavaScript code inside a restricted sandbox. It is commonly employed The library attempts to isolate sandboxed code from the host and block access to sensitive APIs like process and the filesystem. It has more than 1.3 million weekly downloads on npm. The flaw stems from erroneous handling of exceptions crossing between the sandbox and the host. vm2 normally relies on JavaScript level protections against host based errors and bridge Proxies wrapping cross context objects. WebAssembly exception handling can intercept JavaScript errors at a lower level in Google's V8 engine, The leaked object allows attackers to abuse its constructor chain to access Node.js internals like the process object, enabling arbitrary command execution. The advisory includes a proof of concept for remote code execution. Users should upgrade to version 3.10.5 or later, with the latest at 3.11.2. At the beginning of the year vm2 faced another critical flaw tracked as CVE-2026-22709. Earlier issues include CVE-2023-30547, CVE-2023-29017 and CVE-2022-36067.