vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination nesting: true + require: false. However, the check uses strict equality (options.require === false), which is trivially bypassed by omitting the require option entirely. When require is not specified, options.require is undefined, not false. The strict equality check fails, so the security guard is skipped. Immediately after (line 280), the destructuring default require: requireOpts = false assigns requireOpts = false, producing the exact configuration the patch was designed to prevent. This issue has been patched in version 3.11.4.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0 matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
CVE-2026-47137 is a critical sandbox escape vulnerability in vm2, a popular Node.js virtualization library used to execute untrusted code in isolated environments. The vulnerability stems from a flawed security check that was intended to prevent dangerous option combinations (nesting: true paired with require: false). However, the check uses strict equality comparison (=== false) rather than loose equality or explicit undefined checking, allowing attackers to bypass the restriction by simply omitting the require option entirely. This affects any application relying on vm2 for code isolation, particularly those executing user-supplied scripts, plugins, or dynamic code. With a CVSS score of 10, this represents complete sandbox escape, enabling arbitrary code execution with the privileges of the Node.js process.
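The guard ordering described above, modelled as an added example (not vm2's source and not taken from the advisory); the function names, error messages and the hardened variant are assumptions made for illustration. It also shows that `== false` does not match `undefined` either, so the hardened variant validates the value after the default has been applied.

```javascript
// Simplified model of the option handling described above. NOT vm2's source:
// function names and error text are hypothetical.

// Guard as described: strict comparison against the raw caller-supplied value.
function resolveOptionsFlawed(options = {}) {
  if (options.nesting && options.require === false) {
    throw new Error('nesting: true with require: false is not allowed');
  }
  // The default is applied only after the guard has already run.
  const { nesting = false, require: requireOpts = false } = options;
  return { nesting, requireOpts };
}

// Assumed hardening: apply defaults first, then validate the effective values.
function resolveOptionsHardened(options = {}) {
  const { nesting = false, require: requireOpts = false } = options;
  if (nesting && !requireOpts) {
    throw new Error('nesting: true needs an explicit require configuration');
  }
  return { nesting, requireOpts };
}

// Returns 'rejected' or the effective configuration for easy comparison.
function outcome(resolver, options) {
  try {
    return resolver(options);
  } catch (err) {
    return 'rejected';
  }
}

// Constructed sample configurations.
const samples = {
  explicitFalse: { nesting: true, require: false },
  omitted: { nesting: true },
  explicitUndefined: { nesting: true, require: undefined },
  configured: { nesting: true, require: { builtin: [] } },
};

// Loose equality does not match undefined either.
const looseMatchesUndefined = (undefined == false);

for (const [name, opts] of Object.entries(samples)) {
  console.log(name,
    'flawed:', JSON.stringify(outcome(resolveOptionsFlawed, opts)),
    'hardened:', JSON.stringify(outcome(resolveOptionsHardened, opts)));
}
console.log('undefined == false ->', looseMatchesUndefined);
```

Only the `omitted` and `explicitUndefined` rows differ between the two resolvers: the flawed one returns an effective `requireOpts` of `false` with `nesting: true`, while the hardened one rejects them.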
Casky's Claude-powered analysis would detect attack patterns associated with this vulnerability through behavioral monitoring of sandbox breakout attempts and code execution anomalies. While this specific CVE maps to CWE-913 (Improper Control of Dynamically-Managed Code Resources) rather than discrete MITRE ATT&CK techniques, practitioners would identify suspicious indicators including: unusual require() calls originating from supposedly sandboxed contexts, nested VM instantiation patterns that should be blocked, and privilege escalation signals where process-level operations execute from what should be restricted child processes. Security teams using Casky would receive findings highlighting configuration anomalies—specifically instances where vm2 options lack explicit require specifications—and execution flow violations where imported modules or system resources are accessed outside expected isolation boundaries. Extended reasoning capabilities would correlate these signals to confirm sandbox escape exploitation patterns.