Security Advisory - Published 2026-06-13 - Node.js / vm2
vm2 June 2026 CVE batch: check sandbox use before 3.11.4
Services that run customer code, formulas, plugins, workflow scripts, or AI-generated JavaScript through vm2 should treat this batch as urgent. Multiple findings affect vm2 before 3.11.4 and can break the expected sandbox boundary.
Who should check
- Node.js apps that evaluate user-supplied JavaScript, formulas, or workflow code.
- SaaS products that use vm2 for plugin, automation, or custom-script execution.
- Internal tools that run AI-generated code in a server-side sandbox.
- CI systems or bots that execute repository-provided JavaScript.
Version and dependency checks
npm ls vm2
pnpm why vm2
yarn why vm2
rg '"vm2"|from .vm2.|require\(.vm2.\)' .
The rg pattern matches the package name in manifests and lock files as well as import/require statements with either quote style. Any vm2 version below 3.11.4 should be upgraded. Check lock files and container images, not just package.json: a direct dependency can be upgraded while an older transitive copy remains nested under a plugin or inside another service's image.
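The commands above show direct and transitive usage one project at a time. The following script is an added example, not code from the vm2 project or from the advisory's authors: it audits a parsed package-lock.json for every vm2 copy, including copies nested under other packages, and flags those below 3.11.4. It handles the lockfileVersion 2/3 "packages" map and the lockfileVersion 1 nested "dependencies" tree. The lock file embedded in it is constructed for illustration, and the package name example-plugin is a placeholder.

```javascript
// Added example (not from the vm2 project or this advisory's authors): audit a
// package-lock.json object for vm2 copies below the patched version named in
// the advisory. SAMPLE_LOCK is constructed; example-plugin is a placeholder.

const PATCHED_VM2 = '3.11.4';

// Numeric comparison of dotted versions; a pre-release suffix is ignored.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const x = pa[i] || 0;
    const y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

function record(path, version) {
  return { path, version, vulnerable: compareVersions(version, PATCHED_VM2) < 0 };
}

// lockfileVersion 2/3: a flat map keyed by install path, so a nested copy
// appears as node_modules/<parent>/node_modules/vm2.
function scanPackagesMap(packages, hits) {
  for (const [path, meta] of Object.entries(packages)) {
    if (!path || !meta || !meta.version) continue;
    const idx = path.lastIndexOf('node_modules/');
    const name = meta.name || (idx >= 0 ? path.slice(idx + 'node_modules/'.length) : path);
    if (name === 'vm2') hits.push(record(path, meta.version));
  }
}

// lockfileVersion 1: nested "dependencies" objects, walked recursively.
function scanDependencyTree(deps, prefix, hits) {
  for (const [name, meta] of Object.entries(deps || {})) {
    const path = `${prefix}node_modules/${name}`;
    if (name === 'vm2' && meta.version) hits.push(record(path, meta.version));
    scanDependencyTree(meta.dependencies, `${path}/`, hits);
  }
}

// Every vm2 copy in the lock file, flagged against PATCHED_VM2.
function findVm2(lock) {
  const hits = [];
  if (lock.packages) scanPackagesMap(lock.packages, hits);
  else scanDependencyTree(lock.dependencies, '', hits);
  return hits;
}

// Totals plus the install paths that still need an upgrade.
function summarize(lock) {
  const hits = findVm2(lock);
  const bad = hits.filter((h) => h.vulnerable);
  return { total: hits.length, vulnerable: bad.length, paths: bad.map((h) => h.path) };
}

// Constructed lock file: the direct copy is patched, but a plugin still pins
// an older vm2 in its own node_modules, which "npm ls vm2" at the root can hide.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'workflow-runner', version: '1.0.0' },
    'node_modules/vm2': { version: '3.11.4' },
    'node_modules/acorn': { version: '8.11.3' },
    'node_modules/example-plugin': { version: '2.4.0' },
    'node_modules/example-plugin/node_modules/vm2': { version: '3.9.19' },
  },
};

for (const h of findVm2(SAMPLE_LOCK)) {
  console.log(`${h.vulnerable ? 'UPGRADE' : 'ok     '} ${h.path} @ ${h.version}`);
}
```

To run it against a real service, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `findVm2` or `summarize`; running it over the lock file baked into each worker image, rather than only the repository copy, catches images built before the upgrade.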
Exposure checks
- Identify every endpoint, queue worker, or admin tool that accepts code or expressions from users.
- Check whether sandboxed code can reach secrets, filesystem paths, network clients, or cloud metadata.
- Review recent sandbox errors, unexpected outbound requests, and worker restarts.
- Rotate tokens used by sandbox workers if untrusted code ran before the patch.
Safe fix path
- Upgrade vm2 to 3.11.4 or later in every Node.js service and worker image.
- Rebuild containers from a clean lock file and redeploy workers before web frontends.
- Disable customer-code execution while the patch is being rolled out if exposure is unclear.
- Review sandbox worker logs and outbound network telemetry for the advisory window.
- Consider moving untrusted code execution into a separate runtime, account, network, and filesystem boundary.
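The exposure and fix-path items above ask for a review of unexpected outbound requests from sandbox workers and of outbound telemetry for the advisory window. The script below is an added example, not code from the advisory's authors or from vm2: it triages outbound-connection log lines, flagging sandbox-worker connections to cloud metadata endpoints and to destinations outside an allowlist, optionally restricted to a time window. The JSON-lines log format, the sandbox-worker naming convention, the allowlist, and the log lines themselves are assumptions constructed for this example.

```javascript
// Added example (not from this advisory's authors or from vm2): triage outbound
// connection records from sandbox workers. Log format, worker naming,
// allowlist and SAMPLE_LOG are assumptions constructed for illustration.

// Instance-metadata endpoints: reachable from a sandbox only if egress is
// unrestricted, so any hit from a sandbox worker deserves a look.
const METADATA_HOSTS = new Set(['169.254.169.254', 'metadata.google.internal']);

// Destinations a sandbox worker is expected to reach (assumed, host:port).
const DEFAULT_ALLOWLIST = new Set(['api.internal.example:443', 'npm-cache.internal.example:443']);

// Parse one JSON line; return null for anything that lacks the expected fields.
function parseLine(line) {
  try {
    const e = JSON.parse(line);
    if (typeof e.ts !== 'string' || typeof e.worker !== 'string'
        || typeof e.dst !== 'string' || !Number.isInteger(e.port)) return null;
    return e;
  } catch (err) {
    return null;
  }
}

// Return findings for sandbox-worker connections inside [from, to] that go to a
// metadata endpoint or to a destination not on the allowlist. Malformed lines
// are counted rather than silently dropped, so a gap in telemetry is visible.
function triageEgress(lines, opts = {}) {
  const allow = opts.allow || DEFAULT_ALLOWLIST;
  const workerPattern = opts.workerPattern || /^sandbox-worker-/;
  const from = opts.from ? Date.parse(opts.from) : -Infinity;
  const to = opts.to ? Date.parse(opts.to) : Infinity;
  const findings = [];
  let malformed = 0;
  for (const line of lines) {
    const e = parseLine(line);
    if (!e) { malformed++; continue; }
    const t = Date.parse(e.ts);
    if (Number.isNaN(t) || t < from || t > to) continue;
    if (!workerPattern.test(e.worker)) continue;
    if (METADATA_HOSTS.has(e.dst)) {
      findings.push({ ...e, reason: 'cloud-metadata' });
    } else if (!allow.has(`${e.dst}:${e.port}`)) {
      findings.push({ ...e, reason: 'not-allowlisted' });
    }
  }
  return { findings, malformed };
}

// Constructed log: one expected call, one metadata probe, one connection to a
// documentation-range address, one non-sandbox worker, one malformed line.
const SAMPLE_LOG = [
  '{"ts":"2026-06-13T09:58:10Z","worker":"sandbox-worker-2","dst":"api.internal.example","port":443}',
  '{"ts":"2026-06-13T10:01:02Z","worker":"sandbox-worker-3","dst":"169.254.169.254","port":80}',
  '{"ts":"2026-06-13T10:01:05Z","worker":"sandbox-worker-3","dst":"203.0.113.7","port":8443}',
  '{"ts":"2026-06-13T10:02:00Z","worker":"web-frontend-1","dst":"203.0.113.7","port":443}',
  'not a json record',
];

const report = triageEgress(SAMPLE_LOG, { from: '2026-06-13T00:00:00Z', to: '2026-06-14T00:00:00Z' });
for (const f of report.findings) {
  console.log(`${f.ts} ${f.worker} -> ${f.dst}:${f.port} [${f.reason}]`);
}
console.log(`malformed lines skipped: ${report.malformed}`);
```

Feed it the worker egress records for the advisory window, with the allowlist replaced by the destinations your workers are actually expected to contact; a sandbox worker that talked to a metadata endpoint or an unknown host before the patch is the trigger for the token rotation listed under exposure checks.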
Ping7 repair path
Ping7 can review vm2 dependency state, sandbox exposure, worker logs, and post-patch isolation for owned or client-approved systems. Use CVE Repair if untrusted code ran in production or the service stores secrets near the sandbox.