thehackernews.com 1/28/2026, 2:35:29 PM

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

CyberSIXT Evidence Panel
CISA KEV: Not in KEV
Patch: Patch Status Unknown

A critical sandbox escape vulnerability has been disclosed in the vm2 Node.js library, tracked as CVE-2026-22709, with a CVSS score of 9.8. The flaw stems from improper sanitisation of Promise handlers, creating an escape vector that could allow arbitrary code execution outside the sandbox. The vm2 maintainers have noted that in version 3.10.0, the Promise.prototype.then and Promise.prototype.catch sanitisation can be bypassed, enabling sandbox escape.

According to Endor Labs researchers Peyton Kennedy and Cris Staicu, the issue arises because async functions return globalPromise objects, and their then/catch are not properly sanitised. The vulnerability has been addressed in vm2 version 3.10.2, and users are advised to update to the latest release, 3.10.3, which includes fixes for additional sandbox escapes.
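To act on the update advice, the following added example (not code from the article or from the vm2 project) audits a parsed package-lock.json for every installed copy of vm2, including nested transitive ones, against the 3.10.2 and 3.10.3 versions named above. The function names, status labels and sample lockfile are constructed for illustration, and treating every version below 3.10.2 as unpatched is an assumption, since the article names only 3.10.0 as affected.

```javascript
// Versions named in the advisory text above.
const FIXED = [3, 10, 2];  // CVE-2026-22709 addressed
const LATEST = [3, 10, 3]; // recommended release
// "3.10.0" or "3.10.0-beta.1" -> [3, 10, 0]; prerelease tags are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}
function lessThan(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i];
  return false;
}

// Assumption: every version below FIXED is treated as unpatched.
function classify(version) {
  const v = parseVersion(version);
  if (!v) return 'unparsed';
  if (lessThan(v, FIXED)) return 'below-fix';
  return lessThan(v, LATEST) ? 'update-recommended' : 'ok';
}

// Report every vm2 copy in a parsed package-lock.json, nested ones included.
function auditVm2(lock) {
  const hits = [];
  const add = (path, version) => hits.push({ path, version, status: classify(version) });
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, pkg] of Object.entries(lock.packages || {})) {
    if (path === 'node_modules/vm2' || path.endsWith('/node_modules/vm2')) add(path, pkg.version);
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, dep] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (name === 'vm2') add(path, dep.version);
      walk(dep.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile (not from a real project).
const sampleLock = { lockfileVersion: 3, packages: {
  '': { name: 'demo-app', version: '1.0.0' },
  'node_modules/vm2': { version: '3.10.0' },
  'node_modules/runner-a/node_modules/vm2': { version: '3.10.2' },
  'node_modules/runner-b/node_modules/vm2': { version: '3.10.3' },
} };
console.log(auditVm2(sampleLock));
```

In practice, pass it the result of `JSON.parse` on the project's own package-lock.json and fail the build on any `below-fix` entry.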

The article also notes that, in the past, vm2 faced multiple sandbox-escape CVEs and that the project has evolved towards alternatives such as isolated-vm, with a suggestion to maintain isolation practices and consider Docker where appropriate.


Article by CyberSIXT