PT-2026-45021 · Npm · Vm2

Published: 2026-05-29 · Updated: 2026-06-12 · CVE-2026-47131

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

vm2 versions prior to 3.11.4

Description

A sandbox escape exists that allows attackers to execute arbitrary code on the host system. This is achieved by combining Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__"), Buffer.call.call({}.__lookupSetter__, Buffer, "__proto__"), and the Node.js ERR_INVALID_ARG_TYPE Error to obtain the host's TypeError constructor.

Recommendations

Update to version 3.11.4.

Exploit

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2026-47131
GHSA-V6MX-MF47-R5WG

Affected Products

Vm2