CVE-2026-43998: vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape
NodeVM’s require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code to load modules from outside the allowed root directory in host context. Because path validation uses path.resolve() (which does not dereference symlinks) but module loading uses Node’s native require() (which does), an attacker can load arbitrary host-realm modules and achieve remote code execution.
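The mismatch described above, as an added example that is not vm2's code: a containment check built on path.resolve() beside one that canonicalizes with fs.realpathSync() before comparing. The function names and the temporary directory layout are assumptions constructed for the illustration.

```javascript
// Added illustration, not vm2 source; all function names are hypothetical.
const fs = require('fs');
const os = require('os');
const path = require('path');

// True when `candidate` is `root` itself or a path beneath it.
function isInside(root, candidate) {
  const rel = path.relative(root, candidate);
  return rel === '' || !(rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel));
}

// Lexical check: path.resolve() only normalizes "." and ".." in the string and
// never consults the filesystem, so a symlink under root still looks contained.
function lexicalCheck(root, requested) {
  return isInside(path.resolve(root), path.resolve(root, requested));
}

// Canonical check: dereference symlinks on both sides, then compare.
function canonicalCheck(root, requested) {
  try {
    const realRoot = fs.realpathSync(root);
    const realTarget = fs.realpathSync(path.resolve(root, requested));
    return isInside(realRoot, realTarget);
  } catch {
    return false; // missing or unreadable path: deny
  }
}

// Constructed fixture: allowed/ contains a symlink pointing at sibling outside/.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'root-check-'));
  try {
    const root = path.join(base, 'allowed');
    const outside = path.join(base, 'outside');
    fs.mkdirSync(root);
    fs.mkdirSync(outside);
    fs.writeFileSync(path.join(root, 'ok.js'), 'module.exports = 1;\n');
    fs.writeFileSync(path.join(outside, 'host.js'), 'module.exports = 2;\n');
    fs.symlinkSync(outside, path.join(root, 'link'), 'dir');
    return {
      lexicalLink: lexicalCheck(root, 'link/host.js'),     // true: check passes
      canonicalLink: canonicalCheck(root, 'link/host.js'), // false: real path is outside
      canonicalOk: canonicalCheck(root, 'ok.js'),          // true
      canonicalMissing: canonicalCheck(root, 'nope.js'),   // false
    };
  } finally {
    fs.rmSync(base, { recursive: true, force: true });
  }
}
console.log(demo());
```

A loader that validates the canonical path should also load that same canonical path, since re-resolving the original string afterwards leaves a window in which the link can change.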