pkg:npm/vm2

41 total CVEs: CRITICAL 29, HIGH 7, MEDIUM 4

All known vulnerabilities

  • [CRITICAL 10.0] CVE-2026-47140: NodeVM builtin denylist bypass via process and inspector/promises allows host code execution
    from 0, < 3.11.4
  • [CRITICAL 10.0] CVE-2026-47137: vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE
    from 0, < 3.11.4
  • [CRITICAL 10.0] CVE-2026-47208: vm2 is Vulnerable to Sandbox Breakout Through Promise Species
    from 0, < 3.11.4
  • [CRITICAL 10.0] CVE-2026-47131: vm2 has a Sandbox Escape issue
    from 0, < 3.11.4
  • [CRITICAL 10.0] CVE-2026-44005: vm2: Mutable Proxies for Host Intrinsic Prototypes Allows Sandbox Escape
    >= 3.9.6, < 3.11.0
  • [CRITICAL 10.0] CVE-2026-43997: vm2 Access to Host Object Enables Sandbox Escape
    from 0, < 3.11.0
  • [CRITICAL 10.0] CVE-2026-44006: vm2 has a Sandbox Escape Vulnerability
    from 0, < 3.11.0
  • [CRITICAL 10.0] CVE-2022-36067: vm2 vulnerable to Sandbox Escape resulting in Remote Code Execution on host
    from 0, < 3.9.11
  • [CRITICAL 9.9] CVE-2026-43999: vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandbox escape
    >= 3.10.5, < 3.11.0
  • [CRITICAL 9.8] CVE-2026-47210: vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass
    from 0, < 3.11.4
  • [CRITICAL 9.8] CVE-2026-45411: vm2 Has a Sandbox Breakout Using Async Generator
    from 0, < 3.11.3
  • [CRITICAL 9.8] CVE-2026-44009: vm2 has Sandbox Breakout Through Null Proto Exception
    from 0, < 3.11.2
  • [CRITICAL 9.8] CVE-2026-44008: vm2 has sandbox breakout via `neutralizeArraySpeciesBatch`
    from 0, < 3.11.2
  • [CRITICAL 9.8] CVE-2026-26956: VM2 Has a WASM Sandbox Escape (Node 25 only)
    >= 3.10.4, < 3.10.5
  • [CRITICAL 9.8] CVE-2026-26332: VM2 Has a Sandbox Escape Issue via SuppressedError
    from 0, < 3.11.0
  • [CRITICAL 9.8] CVE-2026-24781: VM2 Has Sandbox Breakout Through Inspect Function
    from 0, < 3.11.0
  • [CRITICAL 9.8] CVE-2026-24120: VM2 Has Sandbox Breakout Through Promise Species
    from 0, < 3.10.5
  • [CRITICAL 9.8] CVE-2026-24118: VM2 Sandbox Breakout Through __lookupGetter__
    from 0, < 3.11.0
  • [CRITICAL 9.8] CVE-2026-22709: vm2 has a Sandbox Escape
    from 0, < 3.10.2
  • [CRITICAL 9.8] CVE-2023-37466: vm2 Sandbox Escape vulnerability
    from 0, < 3.10.0
  • [CRITICAL 9.8] CVE-2023-37903: vm2 Sandbox Escape vulnerability
    from 0, <= 3.9.19
  • [CRITICAL 9.8] CVE-2023-32314: vm2 Sandbox Escape vulnerability
    from 0, < 3.9.18
  • [CRITICAL 9.8] CVE-2023-30547: vm2 Sandbox Escape vulnerability
    from 0, < 3.9.17
  • [CRITICAL 9.8] CVE-2023-29199: vm2 Sandbox Escape vulnerability
    from 0, < 3.9.16
  • [CRITICAL 9.8] CVE-2023-29017: vm2 vulnerable to sandbox escape
    from 0, < 3.9.15
  • [CRITICAL 9.8] CVE-2022-25893: vm2 vulnerable to Arbitrary Code Execution
    from 0, < 3.9.10
  • [CRITICAL 9.8] CVE-2021-23555: Sandbox bypass in vm2
    from 0, < 3.9.6
  • [CRITICAL 9.8] CVE-2021-23449: Prototype Pollution in vm2
    from 0, < 3.9.4
  • [CRITICAL 9.1] CVE-2026-44007: vm2 NodeVM `nesting: true` bypasses `require: false` allowing sandbox escape and arbitrary OS command execution
    from 0, < 3.11.1
  • [HIGH 8.7] CVE-2026-47135: vm2 has a sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checks
    from 0, < 3.11.4
  • [HIGH 8.6] CVE-2026-47139: NodeVM network builtin exclusions bypass via internal _http_client and _http_server
    from 0, < 3.11.4
  • [HIGH 8.6] CVE-2026-47209: vm2's Bridge Proxy set trap ignores receiver parameter, enabling host object property injection via prototype chain
    from 0, < 3.11.4
  • [HIGH 8.6] CVE-2026-44001: vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS)
    from 0, < 3.11.0
  • [HIGH 8.5] CVE-2026-43998: vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape
    >= 3.10.5, < 3.11.0
  • [HIGH 8.3] CVE-2019-10761: vm2 before 3.6.11 vulnerable to sandbox escape
    from 0, < 3.6.11
  • [HIGH 7.5] CVE-2026-44004: vm2 Sandbox Access to Host Buffer.alloc Allows timeout Bypass Resulting in Memory Exhaustion
    from 0, < 3.11.0
  • [MEDIUM 6.5] CVE-2026-44000: vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary
    from 0, < 3.11.0
  • [MEDIUM 5.8] CVE-2026-44002: vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak
    from 0, < 3.11.0
  • [MEDIUM 5.3] CVE-2026-44003: vm2's Transformer Fast-Path Bypass Exposes Internal State Variable
    from 0, < 3.11.0
  • [MEDIUM 5.3] CVE-2023-32313: vm2 vulnerable to Inspect Manipulation
    from 0, < 3.9.18
  • CVE-2026-47141: NodeVM observability builtins leak host process and HTTP request data
    from 0, < 3.11.4