CVE-2026-43998: vm2 Sandbox Bypass Leads to RCE in Node.js

The National Vulnerability Database has disclosed CVE-2026-43998, a critical vulnerability in vm2, an open-source sandbox environment for Node.js. This flaw, present in versions up to 3.10.5, allows sandboxed code to escape its confines and execute arbitrary modules from the host system, effectively leading to remote code execution (RCE) with a CVSS score of 8.5 (HIGH).

The core issue lies in how vm2 handles path validation versus module loading. According to the National Vulnerability Database, NodeVM’s require.root path restriction can be bypassed using filesystem symlinks. While path.resolve() (used for validation) does not dereference symlinks, Node’s native require() (used for loading) does. This mismatch creates a critical window for attackers to trick the sandbox into loading modules outside the intended root directory.

For defenders, this is a clear and present danger if vm2 is used in any untrusted code execution scenario. An attacker who can execute code within the vm2 sandbox, even with limited privileges, can leverage this vulnerability to gain full control over the host system. This isn’t just a denial-of-service; it’s a full compromise, making it imperative to address immediately.

What This Means For You

  • If your organization utilizes vm2 for isolating Node.js code, you are exposed. Prioritize patching to version 3.11.0 or later immediately. Audit any Node.js applications that rely on vm2 for sandboxing untrusted input or third-party code, as this RCE vector can lead to complete system compromise.

🛡️ Detection Rules


Severity: critical · ATT&CK: T1574.006 (Privilege Escalation)

CVE-2026-43998: vm2 Sandbox Bypass via Symlink to Load Host Module

Sigma YAML:
# Title contains ": " and must be quoted to be valid YAML
title: "CVE-2026-43998: vm2 Sandbox Bypass via Symlink to Load Host Module"
id: scw-2026-05-13-ai-1
status: experimental
level: critical
description: |
  Detects the use of Node.js's vm2 sandbox bypass (CVE-2026-43998) by looking for Node.js processes attempting to 'require' modules from parent directories, indicating a potential symlink-based sandbox escape to load host modules.
author: SCW Feed Engine (AI-generated)
date: 2026-05-13
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-43998/
tags:
  - attack.privilege_escalation
  - attack.t1574.006
logsource:
  category: process_creation
detection:
  selection:
    Image|contains:
      - 'node'
    ParentImage|contains:
      - 'node'
    # Double-quoted so the embedded single quote and backslash are literal
    CommandLine|contains:
      - "require('../"
      - "require('..\\"
  # condition belongs at the detection level, not inside the selection block
  condition: selection
falsepositives:
  - Legitimate administrative activity

Indicators of Compromise

ID             | Type           | Indicator
CVE-2026-43998 | RCE            | vm2 Node.js sandbox version 3.10.5
CVE-2026-43998 | Path Traversal | vm2 NodeVM's require.root path restriction bypass via filesystem symlinks
CVE-2026-43998 | Code Injection | vm2 NodeVM's path validation using path.resolve() vs. module loading using native require()

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 13, 2026 at 21:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
