CVE-2026-43998: CWE-59: Improper Link Resolution Before File Access ('Link Following') in patriksimek vm2
vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve() (which does not dereference symlinks) but module loading uses Node's native require() (which does), an attacker can load arbitrary host-realm modules and achieve remote code execution. This vulnerability is fixed in 3.11.0.
AI Analysis
Technical Summary
The vm2 sandbox for Node.js in version 3.10.5 has an improper link resolution vulnerability (CWE-59) where the require.root path restriction can be bypassed using symbolic links. The path validation relies on path.resolve(), which does not follow symlinks, but module loading uses Node's require(), which does follow symlinks. This discrepancy allows sandboxed code to load arbitrary modules from the host filesystem outside the intended sandbox root, enabling remote code execution. The vulnerability is addressed in version 3.11.0 of vm2.
Potential Impact
An attacker able to run code within the vm2 sandbox can exploit this vulnerability to bypass directory restrictions and load arbitrary modules from the host environment. This can lead to remote code execution with the privileges of the host process running vm2, compromising confidentiality, integrity, and availability of the host system.
Mitigation Recommendations
This vulnerability is fixed in vm2 version 3.11.0. Users should upgrade from version 3.10.5 to 3.11.0 or later to remediate the issue. Patch status is not explicitly stated in the vendor advisory, but the fix is included in the newer version. No other mitigations are indicated.
CVE-2026-43998: CWE-59: Improper Link Resolution Before File Access ('Link Following') in patriksimek vm2
Description
vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve() (which does not dereference symlinks) but module loading uses Node's native require() (which does), an attacker can load arbitrary host-realm modules and achieve remote code execution. This vulnerability is fixed in 3.11.0.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vm2 sandbox for Node.js in version 3.10.5 has an improper link resolution vulnerability (CWE-59) where the require.root path restriction can be bypassed using symbolic links. The path validation relies on path.resolve(), which does not follow symlinks, but module loading uses Node's require(), which does follow symlinks. This discrepancy allows sandboxed code to load arbitrary modules from the host filesystem outside the intended sandbox root, enabling remote code execution. The vulnerability is addressed in version 3.11.0 of vm2.
Potential Impact
An attacker able to run code within the vm2 sandbox can exploit this vulnerability to bypass directory restrictions and load arbitrary modules from the host environment. This can lead to remote code execution with the privileges of the host process running vm2, compromising confidentiality, integrity, and availability of the host system.
Mitigation Recommendations
This vulnerability is fixed in vm2 version 3.11.0. Users should upgrade from version 3.10.5 to 3.11.0 or later to remediate the issue. Patch status is not explicitly stated in the vendor advisory, but the fix is included in the newer version. No other mitigations are indicated.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-04T20:24:31.917Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a04ba1fcbff5d8610f48253
Added to database: 5/13/2026, 5:51:27 PM
Last enriched: 5/13/2026, 6:08:26 PM
Last updated: 5/14/2026, 6:49:07 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.