https://feed.craftedsignal.io/products/vm2--3.10.3/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioWed, 06 May 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-05-vm2-sandbox-escape/Wed, 06 May 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-vm2-sandbox-escape/A vulnerability in vm2 versions 3.10.3 and earlier allows attackers to bypass a previous sandbox escape fix by manipulating Promise species, leading to arbitrary code execution on the host system.A critical vulnerability exists within the vm2 npm package, specifically in versions 3.10.3 and earlier. This vulnerability stems from an insufficient fix for a prior sandbox escape issue (GHSA-cchq-frgv-rjh5). Attackers can bypass the intended security measures by manipulating the species property of Promise objects. The flaw lies in the ability to overwrite native JavaScript functions like [].includes and Object.defineProperty, which are used in the resetPromiseSpecies function. By preventing the proper resetting of the Promise species, attackers can achieve arbitrary code execution on the host system, effectively breaking out of the vm2 sandbox. This vulnerability was reported in GHSA-qvjj-29qf-hp7p, published May 5, 2026.

Attack Chain

1. The attacker provides JavaScript code to be executed within the vm2 sandbox.
2. The code redefines Object.defineProperty to prevent modification of the species property.
3. The code defines an asynchronous function that returns an Error object with a Symbol as its name.
4. The constructor of the Promise is overwritten with a custom class that defines a specific Symbol.species.
5. The custom Symbol.species utilizes an executor that calls the reject function.
6. The reject function executes arbitrary code on the host system via child_process.execSync.
7. The attacker triggers the Promise’s then() method.
8. The host system executes arbitrary commands, such as creating a file named “pwned”.

Impact

Successful exploitation of this vulnerability allows attackers to perform Remote Code Execution (RCE) on the host system. Given the nature of vm2 as a sandbox environment for running untrusted code, this vulnerability represents a significant security risk. If an attacker can run arbitrary code inside the context of a vm2 sandbox, they can leverage this vulnerability to compromise the underlying host system, potentially leading to data theft, system takeover, or other malicious activities.

Recommendation

• Upgrade to a patched version of the vm2 package that addresses CVE-2026-24120.
• Deploy the provided Sigma rule detecting attempts to redefine Object.defineProperty within the vm2 environment to your SIEM.
• Monitor for unexpected process creation events originating from the vm2 process using the provided Sigma rule.

]]>criticaladvisorysandbox-escapercejavascripthttps://feed.craftedsignal.io/briefs/2026-05-vm2-sandbox-breakout/Wed, 06 May 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-vm2-sandbox-breakout/A sandbox breakout vulnerability exists in VM2 through the `inspect` function, allowing attackers to escape the sandbox and execute arbitrary commands on the host system.A critical sandbox escape vulnerability has been identified in VM2, a popular JavaScript sandbox environment for Node.js. This vulnerability, assigned CVE-2026-24781, stems from the improper handling of proxies within the inspect function. By exploiting this flaw, an attacker can bypass the VM2 sandbox and execute arbitrary code on the host system. The vulnerability affects VM2 versions 3.10.3 and earlier. This allows for remote code execution under the assumption that arbitrary code can be executed inside the context of a VM2 sandbox. Defenders should update to the latest version and implement the provided detections.

Attack Chain

1. The attacker executes code within the VM2 sandbox, leveraging the inspect function to log details of objects.
2. The inspect method unwraps proxies to access object details.
3. The attacker uses this.seen of the stylize function to extract unwrapped values, gaining access to the internal proxy handler of VM2.
4. The attacker accesses the sandbox object within the proxy handler. Accessing the handler is wrapped by a VM2 proxy.
5. The wrapped sandbox object is given into the sandbox.
6. The attacker writes a wrapped host object to the wrapped sandbox object.
7. The attacker reads the raw host object from the raw sandbox object, bypassing the proxy bridge.
8. The attacker utilizes the child_process module to execute arbitrary commands on the host system, such as creating a file named pwned.

Impact

Successful exploitation of this vulnerability allows attackers to perform Remote Code Execution (RCE) on the host system where the VM2 sandbox is running. This can lead to complete system compromise, data exfiltration, or denial of service. Given VM2’s usage in various applications for untrusted code execution, the impact could be widespread.

Recommendation

• Upgrade to the latest version of vm2 to patch CVE-2026-24781.
• Deploy the Sigma rules provided below to detect potential exploitation attempts.
• Monitor process creation events for suspicious commands executed by Node.js processes as highlighted in the attack chain.

]]>criticaladvisorysandbox-escapercevm2