CRITICAL | CVE-2026-47137 | CNA: GitHub_M

CVE-2026-47137: vm2: GHSA-8hg8-63c5-gwmx patch bypass: nesting:true without explicit require still allows full RCE

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination of nesting: true and require: false. However, the check uses strict equality (options.require === false), which is trivially bypassed by omitting the require option entirely: when require is not specified, options.require is undefined, not false, so the strict equality check fails and the security guard is skipped. Immediately after (line 280), the destructuring default require: requireOpts = false assigns requireOpts = false, producing the exact configuration the patch was designed to prevent. This issue has been patched in version 3.11.4.

Metrics

CVSS v3.1: 10.0
Severity: CRITICAL
Fixed in: 3.11.4
Affected Products: 1


HarborGuard Analysis

Synopsis

A patch-bypass vulnerability in the vm2 Node.js sandbox library allows an attacker to achieve full remote code execution by exploiting a logic flaw in the security guard introduced by a prior fix (CVE-2023-37903). The affected code uses strict equality to check for a blocked configuration, but omitting the relevant option entirely causes the check to be skipped, reproducing the exact dangerous state the patch was meant to prevent. Exploitation requires no authentication and is reachable over the network, giving an attacker complete control over confidentiality, integrity, and availability of the host. A patched-image rebuild at vm2 version 3.11.4 is available on HarborGuard for environments running an affected version.
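The guard logic described in the CVE description and in the synopsis above, as an added example that is not vm2's own code: a vulnerable shape of the check beside one possible hardened shape (the function names are hypothetical, and the hardened form is illustrative rather than the exact change shipped in 3.11.4).

```javascript
// Added example, not vm2's own code: models the option guard described in
// this advisory. Function names are hypothetical; the real check lives in
// vm2's nodevm.js.

// Vulnerable shape of the guard: it compares the raw option with `false`, so
// an absent `require` (undefined) slips past, even though the destructuring
// default on the next line turns that same absence into `false`.
function guardVulnerable(options = {}) {
  if (options.nesting === true && options.require === false) {
    throw new Error("nesting: true is not allowed with require: false");
  }
  const { nesting = false, require: requireOpts = false } = options;
  return { nesting, requireOpts };
}

// Hardened shape: resolve the defaults first, then check the resolved value,
// so "omitted" and "explicitly false" are treated the same way.
function guardFixed(options = {}) {
  const { nesting = false, require: requireOpts = false } = options;
  if (nesting === true && !requireOpts) {
    throw new Error("nesting: true is not allowed with require: false");
  }
  return { nesting, requireOpts };
}

// Helper: does the guard accept this configuration?
function accepted(guard, options) {
  try {
    guard(options);
    return true;
  } catch {
    return false;
  }
}
```

Calling accepted(guardVulnerable, { nesting: true }) returns true with requireOpts resolved to false, which is the state the original patch meant to block; guardFixed rejects both the omitted and the explicit-false form.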

HarborGuard Coverage

Detection: Available

Detection of CVE-2026-47137 is available across every HarborGuard environment; the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images in connected registries and CI pipelines, including custom-built images that bundle vm2 as a dependency.

Triage: Available

HarborGuard scores this CVE at CVSS 10.0 Critical and weights it against each environment's compliance policy to determine urgency, then routes the finding to the appropriate team inbox within the customer organization.

Patch: Pending upstream

A patched-image rebuild at vm2 version 3.11.4 becomes available on HarborGuard as soon as the fixed package is resolvable in the dependency graph. For customers who opt into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite, and opens a pull request against affected workloads automatically.

Exploit Conditions

  • Network reachability: Required

    The vulnerable vm2 sandbox is exposed over the network; an attacker must be able to reach the service from a remote network location to deliver the malicious payload.

  • Authentication: Not required

    No credentials or account of any privilege level are needed to trigger the vulnerability.

  • Victim interaction: Not required

    Exploitation is fully automated and does not require any action from a user or administrator on the target system.

  • Attack complexity: Low

    The exploit is reliable and condition-free; no race conditions, memory-layout dependencies, or environmental prerequisites must be satisfied.

Blast Radius

  • A successful attacker escapes the vm2 sandbox entirely and executes arbitrary code with the privileges of the host Node.js process.
  • All data accessible to the process is readable, including environment variables, secrets, credentials, and in-memory session tokens.
  • An attacker can write, modify, or delete files and data that the process has access to, corrupting application state or persisted records.
  • The attacker can terminate the host process or consume system resources, causing a full service outage for the affected application.

How HarborGuard Handles This

Available on HarborGuard: scanning for CVE-2026-47137 is active across all connected registries and pipelines, covering any image that resolves vm2 below version 3.11.4, whether pulled from a public registry or built internally. Given the CVSS 10.0 Critical rating and the scope-changed, no-interaction exploit profile, HarborGuard prioritizes this finding at the highest urgency tier. Where compliance policy permits, customers with auto-remediation enabled receive a rebuilt image pinned to vm2 3.11.4, a regression test run against that image, and a PR opened against affected workloads; median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes for environments with auto-remediation enabled. For environments where auto-remediation is not enabled, the finding surfaces immediately in the triage queue with remediation guidance pointing to the 3.11.4 upgrade. As an interim compensating control before patching, consider restricting network ingress to the service hosting vm2, applying egress filtering to limit what a compromised process can reach, and auditing any application paths that pass untrusted input into vm2 sandbox instantiation.

Affected packages
  • patriksimek / vm2: < 3.11.4
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H