
External risk intelligence

vm2 sandbox could allow untrusted code to take full control of host systems

The vm2 sandbox library for Node.js, when configured with nesting enabled, could allow untrusted code to execute commands on the host system. This could result in a full compromise of the underlying infrastructure, potentially exposing sensitive files and operational systems.

NVD published May 13, 2026

External risk brief: CRITICAL

CVE-2026-44007

Halo Surface Signal: 3/5

This is a software library used by applications to isolate code. Its exposure depends entirely on how the host application is implemented. While it can be integrated into web services that process untrusted input, it is also frequently used in internal tools and backend processes. Public internet reachability is possible, but this library is not inherently a public-facing service or appliance.

Exposure facts

H – Horizon Alert

A security issue exists within the vm2 sandbox environment for Node.js that can be triggered when specific nesting configurations are enabled. This flaw allows untrusted code to bypass intended security restrictions and execute unauthorized commands on the host system. Consequently, applications relying on this specific configuration could face a full compromise, granting external code control over the underlying infrastructure.

A – Asset Exposure

This vulnerability impacts applications that utilize this sandboxing library to isolate and run untrusted code. When specific nested configurations are enabled, sandbox restrictions can be bypassed, allowing the execution of arbitrary commands on the underlying host system. This could lead to a full compromise of the application, potentially granting unauthorized access to sensitive files, operational systems, or critical system resources.

L – Live Threat

We have assessed the available details regarding this security concern. At this time, the available context does not indicate active exploitation or observed targeting. There are currently no reports of public exploit code or specific threat activity associated with this issue.

O – Operational Fix

To secure your environment, please instruct your development teams to apply the latest available update for the `vm2` package. This update resolves the sandbox escape vulnerability associated with nested configurations. We recommend that teams currently utilizing this sandbox feature prioritize this maintenance task to ensure continued secure operation.
