External risk intelligence

vm2 Sandbox Bypass Leads to Code Execution

CVE advisory. Severity: CRITICAL (CVSS 10.0)

CVE-2026-47137

A vulnerability in the vm2 Node.js sandbox allows bypassing security checks, potentially enabling code execution. This issue arises from a flawed strict equality check that can be circumvented, leading to unintended configurations. Readers should confirm if their Node.js applications use vm2 and are affected by this by

Halo Surface Signal

External exposure likelihood

Halo Surface Signal score for CVE-2026-47137: 1

vm2 is a library/sandbox module for Node.js developers. It is an application dependency that runs inside the application's own process rather than a standalone network-facing service, appliance, or gateway. Whether the flaw is reachable from the public internet depends entirely on how a developer uses the library: the library itself has no network exposure, but an application that feeds externally supplied scripts into a vm2 sandbox exposes the flaw to whoever can submit those scripts.

PCI scan relevance

PCI Relevance for CVE-2026-47137

Yes

CVE-2026-47137 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

This vulnerability in vm2, an open-source Node.js sandbox, allows for code execution, and a scanner that identifies an affected version on an in-scope system could report it as an ASV scan failure. Because vm2 is embedded in application code rather than exposed as a service, an external scan is unlikely to fingerprint it directly; in practice the finding will usually come from software composition analysis of the application's dependencies.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

Horizon Alert

Summary of the vulnerability and why it matters

A security vulnerability has been identified in the vm2 library, a sandbox for Node.js applications. A flawed configuration check can be bypassed, allowing restricted features to become available to code running inside the sandbox and potentially leading to execution of unintended code. The main concern is confirming whether this library is in use and whether any sandbox is created with the affected configuration (the 'require' option left unset).

  • Bypasses security checks in Node.js sandbox.
  • Critical for developers using this specific sandbox library.
  • Confirm relevance and ensure secure implementation.

Attack Path

How an attacker could exploit the issue

An attacker who can submit script to a sandbox that a developer initialized without an explicit 'require' option can take advantage of the flawed check: because the library only treats the literal value 'false' as disabling the feature, the omitted option falls through and the sandbox comes up with 'require' available. The attacker's script can then load modules that were meant to be blocked, leading to code execution beyond what the sandbox was supposed to permit.

  • No special access required beyond the ability to supply code to the sandbox.
  • Bypasses the sandbox's 'require' restriction through the flawed configuration check.
  • Risk of arbitrary code execution.

Live Threat

Current exploitation, exposure, and threat context

When vm2 is initialized without an explicit 'require' option, the flawed check leaves the sandbox in an insecure state, and attackers who can run scripts inside it can bypass its restrictions. This can lead to arbitrary code execution through modules the sandbox was meant to block.

  • Affected surface: Node.js application code that embeds vm2 and runs untrusted scripts.
  • Trigger: a sandbox created without an explicit 'require' option (improper configuration).
  • Impact: arbitrary code execution through modules the sandbox was meant to block.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

To address this critical vulnerability, application owners and platform teams should first find every copy of vm2 in their code base, including transitive copies pulled in by plugins or third-party packages ('npm ls vm2' lists each install path and version). For each instance, assess business criticality and whether untrusted, externally supplied scripts reach the sandbox, and identify the accountable product owner. Then remediate on a risk basis: upgrade to vm2 3.11.4 or later, coordinating with the vendor where the library ships inside a third-party offering. Where the upgrade must wait for a scheduled maintenance window, set the 'require' option explicitly ('require: false' unless modules are genuinely needed) as an interim mitigation, since the flawed check is only bypassed when the option is omitted.

  • Identify application owners and product teams, and every direct or transitive copy of vm2.
  • Verify external exposure (does untrusted script input reach the sandbox?) and business criticality.
  • Upgrade to 3.11.4 or later; set 'require' explicitly as an interim mitigation where the upgrade must wait.

Frequently asked questions

What is vm2 and why do developers use it?

vm2 is an open-source library designed to create isolated environments, or sandboxes, within Node.js applications. Developers use it to execute untrusted code safely by limiting the resources and system access available to that code. It acts as a protective container intended to prevent external scripts from interacting with the host system or accessing sensitive parts of the application's runtime.

What is the vulnerability class for CVE-2026-47137?

This vulnerability is classified as CWE-913: Improper Control of Generation of Code. In plain English, the sandbox fails to enforce its own security rules because of a logic error in how it checks configuration settings. By failing to account for undefined settings, the library inadvertently allows restricted features to be enabled, which can break the isolation barrier and allow unauthorized code execution.

How does an attacker trigger this sandbox bypass?

The bypass occurs when a developer initializes the sandbox without explicitly setting the 'require' option. The flawed check only recognises the literal value 'false' as the signal to block the feature; if the option is left out entirely, its value is undefined, the check is skipped, and the sandbox defaults to an insecure state. Explicitly setting 'require: true' or 'require: false' avoids this specific logic failure, but note that 'require: true' deliberately turns the feature on: the secure choice is 'require: false' unless sandboxed code genuinely needs to load modules.
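The check pattern described in the attack path and in this answer, reconstructed as an added example. This is not vm2 source code: the function and option names are assumed for illustration, and the example only shows the shape of the defect (a strict comparison against 'false' that lets an omitted option fall through) next to a corrected form, plus a guard application code can apply before building a sandbox.

```javascript
// Added example, not vm2's own code. `resolveRequireFlawed` and
// `resolveRequireFixed` are hypothetical names for the option-normalising step
// the advisory describes; the option values mirror the `require` option
// (false / true / object) but the surrounding library code is assumed.

// Flawed pattern: only an explicit `require: false` blocks the feature. An
// omitted option is `undefined`, which is not `=== false`, so it is treated
// exactly like an opt-in.
function resolveRequireFlawed(options) {
  const opts = options || {};
  if (opts.require === false) {
    return { enabled: false };
  }
  // undefined, true and object configs all land here
  return { enabled: true, config: typeof opts.require === 'object' && opts.require !== null ? opts.require : {} };
}

// Corrected pattern: anything that is not an explicit opt-in is disabled, so
// `undefined`, `null`, `false` and junk values all produce the safe result.
function resolveRequireFixed(options) {
  const opts = options || {};
  const value = opts.require;
  if (value === true) {
    return { enabled: true, config: {} };
  }
  if (value !== null && typeof value === 'object') {
    return { enabled: true, config: value };
  }
  return { enabled: false };
}

// Defensive guard for application code: refuse to construct a sandbox unless
// the caller made an explicit decision about `require`, so the outcome does
// not depend on which library version happens to be installed.
function assertExplicitRequire(options) {
  if (!options || !Object.prototype.hasOwnProperty.call(options, 'require')) {
    throw new TypeError('sandbox options must set `require` explicitly (use `require: false` unless modules are needed)');
  }
  return options;
}

// Representative caller configurations, constructed for this example.
const cases = {
  omitted: {},
  explicitFalse: { require: false },
  explicitTrue: { require: true },
  scoped: { require: { external: ['lodash'] } },
};

// Runs every configuration through both versions and reports whether
// `require` ends up enabled. Only the omitted case differs between them.
function compare() {
  const out = {};
  for (const [name, options] of Object.entries(cases)) {
    out[name] = {
      flawed: resolveRequireFlawed(options).enabled,
      fixed: resolveRequireFixed(options).enabled,
    };
  }
  return out;
}

console.log(JSON.stringify(compare(), null, 2));
```

The omitted configuration is the only row where the two versions disagree, which is why setting the option explicitly sidesteps the bug on unpatched versions; `assertExplicitRequire` turns that operational advice into a startup-time check.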

Is my application at risk according to Halo Surface Signal?

Halo Surface Signal indicates that public-internet exposure of this vulnerability is very unlikely. Because vm2 is a library integrated into custom application code rather than a standalone network service, any risk depends entirely on how your developers have implemented it. The vulnerability is not an inherent flaw in a network appliance but a potential weakness in the specific application logic where the sandbox is deployed.

What should I do if my project uses vm2?

Your first step is to check your project dependencies, including transitive ones brought in by other packages, to see whether any copy of vm2 is older than 3.11.4; 'npm ls vm2' prints every install path and version. If you find an affected version, the primary fix is to update to 3.11.4 or later, which correctly handles the configuration options; nested copies inside other packages may require updating or pinning that package. After updating, confirm that every sandbox configuration sets 'require' explicitly to match your security requirements rather than relying on default behaviour.
