vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.4.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0 matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
VM2 is a popular open-source sandboxing solution for Node.js that isolates untrusted code execution environments. Prior to version 3.11.4, a critical sandbox breakout vulnerability (CVE-2026-47208, CVSS 10.0) allows attackers to escape the VM2 isolation boundary and execute arbitrary commands directly on the host system. This affects any organization using VM2 to sandbox user-submitted code, plugins, or third-party scripts—a common pattern in SaaS platforms, code execution services, and development tools. The perfect score severity reflects the complete compromise of the sandbox's core security function, enabling full system takeover from within what should be a restricted execution context.
While no MITRE ATT&CK techniques are currently mapped to this CVE, Casky's AI-driven analysis engine would detect attack patterns consistent with Defense Evasion and Execution techniques by examining the vulnerability's root cause—improper isolation boundaries that allow privilege escalation from sandbox to host. Practitioners using Casky would see findings highlighting the sandbox escape mechanism and correlate it with process execution patterns, code injection indicators, and host system access attempts that breach expected isolation. The absence of mapped MITRE techniques underscores the importance of Casky's extended reasoning capability: Claude AI can infer attack paths beyond static mappings, helping security teams understand that any successful exploitation represents a complete loss of execution environment control—equivalent to Defense Evasion (T1211) combined with direct code execution on the underlying operating system. Organizations should immediately upgrade VM2 to 3.11.4 and audit systems for exploitation attempts.
© 2026 Casky.AI, Inc. · AI Security Investigation