CVE 10 CRITICAL

vm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code execution_CVE-2026-47140

June 12, 2026 invoker category_cve

10 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the denylist misses process and inspector/promises. Both can be used from sandboxed code to reach host-side execution primitives. This allows sandboxed code to bypass the intended builtin restrictions and execute code in the host process. This issue has been patched in version 3.11.4.

AI Analysis

NodeVM builtin denylist bypass via process and inspector/promises allows host code execution

Basic Information

ID CVE-2026-47140

Source GitHub_M

Published Jun 12, 2026 at 14:16

Affected Product

Vendor patriksimek

Product vm2

Version < 3.11.4

Affected Versions patriksimek vm2 < 3.11.4

CWE Classification

CWE-693

AI Assessment

AI Score 10 / 10

AI Severity Critical

Vendor patriksimek

Product vm2

Version < 3.11.4

References

{
    "lastseen": "",
    "description": "vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the denylist misses process and inspector/promises. Both can be used from sandboxed code to reach host-side execution primitives. This allows sandboxed code to bypass the intended builtin restrictions and execute code in the host process. This issue has been patched in version 3.11.4.",
    "published": "2026-06-12T14:16:10.727Z",
    "modified": "2026-06-12T14:16:10.727Z",
    "type": "cve",
    "title": "vm2: NodeVM builtin denylist bypass via process and inspector/promises allows host code execution",
    "source": "GitHub_M",
    "references": "https://github.com/patriksimek/vm2/security/advisories/GHSA-rp36-8xq3-r6c4\nhttps://github.com/patriksimek/vm2/commit/a1ed47a98d1cc36cb48c0d566d55889688e0b59b\nhttps://github.com/patriksimek/vm2/releases/tag/v3.11.4",
    "id": "CVE-2026-47140",
    "bulletinFamily": "",
    "cwe": [
        "CWE-693"
    ],
    "cvelist": null,
    "sourceData": "patriksimek vm2 < 3.11.4",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "vm2",
    "version": "< 3.11.4",
    "vendor": "patriksimek",
    "ai_description": "NodeVM builtin denylist bypass via process and inspector/promises allows host code execution",
    "ai_severity": "Critical",
    "ai_vendor": "patriksimek",
    "ai_product": "vm2",
    "ai_version": "< 3.11.4",
    "ai_score": 10
}

💭 Join the Security Discussion ❌ Cancel Reply