vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with async support on runtimes exposing WebAssembly JSPI (WebAssembly.promising / WebAssembly.Suspending). In the tested configuration, a JSPI-backed Promise can reach Promise.prototype.finally() in a way that bypasses the expected Promise-species hardening and exposes a host-originated rejection object to attacker-controlled species logic, breaking the sandbox boundary. This issue has been patched in version 3.11.4.
Casky was already ahead
This CVE exploits attack patterns that Casky's 0matched skills already investigate — long before this vulnerability was disclosed. Claude's reasoning model maps these techniques to MITRE ATT&CK, so practitioners who ran these skills have already seen the threat behaviour in their findings.
CVE-2026-47210 represents a critical sandbox escape vulnerability in vm2, a widely-used Node.js virtualization library that developers rely on to safely execute untrusted code. Prior to version 3.11.4, the vulnerability allows attackers to break out of the sandbox and execute arbitrary code on the host system by exploiting WebAssembly JSPI (JavaScript Promise Integration) functionality. The attack leverages improper Promise-species hardening, allowing malicious code to manipulate Promise.prototype.finally() in ways that expose host-originated rejection objects. This affects any application using vm2 to isolate untrusted scripts, third-party plugins, or user-generated code—particularly in educational platforms, code execution services, and content delivery systems that rely on JSPI-enabled runtimes.
While this CVE currently shows 0 matching Casky skills due to its recent disclosure, practitioners using Casky's extended reasoning capabilities with Claude AI should prioritize monitoring for Defense Evasion and Execution techniques related to code injection and runtime manipulation. When investigating systems running vulnerable vm2 versions, Casky's 754 mapped security skills would help practitioners identify suspicious WebAssembly module loading, unusual Promise chain manipulation patterns, and unexpected host process escalation indicators. Teams should immediately cross-reference their Node.js applications against the vm2 dependency tree, implement version controls to enforce 3.11.4+, and establish detection rules for WebAssembly runtime anomalies—capabilities that align with Casky's threat-mapping methodology for staying ahead of emerging sandbox escape patterns.
Composite risk scoring from EPSS, CISA KEV, Shodan, and GreyNoise — 21 security APIs correlated into a single Casky Risk Score. Coming in Casky Pro. Join early access →
Casky has 0 skills that investigate the attack patterns behind CVE-2026-47210. Run one and get CVSS-scored findings in 3 minutes.
Run the skill that detects this →© 2026 Casky.AI, Inc. · AI Security Investigation