Security Vulnerability Report
CVE-2026-44006 CVSS 10.0 CRITICAL

Published: 2026-05-13 18:16:17
Last Modified: 2026-05-14 15:19:09

Description

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes. This vulnerability is fixed in 3.11.0.

CVSS Details

CVSS Score: 10.0
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:vm2_project:vm2:*:*:*:*:*:node.js:*:* - VULNERABLE
vm2 < 3.11.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
const {VM} = require('vm2');
const vm = new VM();

// Conceptual PoC for CVE-2026-44006
// This demonstrates triggering the prototype access
const maliciousCode = `
try {
  // Attempting to trigger BaseHandler.getPrototypeOf
  // to access arbitrary prototypes and escape sandbox
  const obj = {};
  const proto = Object.getPrototypeOf(obj);
  // Further exploitation logic would go here to achieve RCE
  "Sandbox Escape Successful";
} catch (e) {
  e.message;
}
`;

// vm.run() returns the script's completion value: the string literal above,
// or e.message if the try block throws.
console.log(vm.run(maliciousCode));

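References

https://github.com/patriksimek/vm2/security/advisories/GHSA-qcp4-v2jj-fjx8 (Exploit, Vendor Advisory)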

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-44006", "sourceIdentifier": "[email protected]", "published": "2026-05-13T18:16:17.387", "lastModified": "2026-05-14T15:19:08.680", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes. This vulnerability is fixed in 3.11.0."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-94"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:vm2_project:vm2:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "3.11.0", "matchCriteriaId": "6DD48308-6219-4C66-9BE7-246EE56FB834"}]}]}], "references": [{"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-qcp4-v2jj-fjx8", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/patriksimek/vm2/security/advisories/GHSA-qcp4-v2jj-fjx8", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}