diff --git a/CHANGELOG.md b/CHANGELOG.md
index 126533b..62df8f2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,8 @@
-v3.9.8 (2022-92-16)
+v3.9.9 (2022-02-24)
+-------------------
+[fix] Bump parser ECMA version to 2022.
+
+v3.9.8 (2022-02-16)
 -------------------
 [fix] Add function type check for arguments, caller, and callee property check (GeoffRen)
 [fix] Fix find best extension handler
diff --git a/package.json b/package.json
index 48fba06..331ca6e 100644
--- a/package.json
+++ b/package.json
@@ -13,7 +13,7 @@
 "alcatraz",
 "contextify"
 ],
- "version": "3.9.8",
+ "version": "3.9.9",
 "main": "index.js",
 "sideEffects": false,
 "repository": "github:patriksimek/vm2",
diff --git a/test/vm.js b/test/vm.js
index 66c53ee..1bae3e5 100644
--- a/test/vm.js
+++ b/test/vm.js
@@ -5,6 +5,7 @@
 const assert = require('assert');
 const {VM, VMScript} = require('..');
+const {INTERNAL_STATE_NAME} = require('../lib/transformer');
 const NODE_VERSION = parseInt(process.versions.node.split('.')[0]);
 const {inspect} = require('util');
@@ -659,6 +660,16 @@ describe('VM', () => {
 `));
 });
+ it('internal state attack', () => {
+ const vm2 = new VM();
+ assert.throws(() => vm2.run(`${INTERNAL_STATE_NAME}=1;`), /Use of internal vm2 state variable/);
+ assert.throws(() => vm2.run(`const ${INTERNAL_STATE_NAME} = {};`), /Use of internal vm2 state variable/);
+ assert.throws(() => vm2.run(`var ${INTERNAL_STATE_NAME} = {};`), /Use of internal vm2 state variable/);
+ assert.throws(() => vm2.run(`let ${INTERNAL_STATE_NAME} = {};`), /Use of internal vm2 state variable/);
+ assert.throws(() => vm2.run(`class ${INTERNAL_STATE_NAME} {};`), /Use of internal vm2 state variable/);
+ assert.throws(() => vm2.run(`function ${INTERNAL_STATE_NAME} () {};`), /Use of internal vm2 state variable/);
+ });
+
 it('buffer attack', () => {
 const vm2 = new VM();
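Review bot: The new 'internal state attack' test in test/vm.js covers only plain assignment and the var/let/const/class/function declaration forms, and none of its six snippets uses ES2022 syntax, although the changelog entry for this release is a parser ECMA-version bump. The transformer change itself is not visible in this part of the diff, so this is inferred: if the test is meant to guard that change, one more case that places the same identifier inside an ES2022 construct (for example a class field or static block) would tie the regression test to the fix. The six assertions differ only in the source string, so a table of snippets keeps the expected message in one place and makes further binding positions cheap to add: `for (const src of snippets) assert.throws(() => vm2.run(src), /Use of internal vm2 state variable/);`. A one-line comment above the test, such as `// sandboxed code must not be able to declare or assign the transformer's reserved state identifier`, would tell the next maintainer why these must throw. The enclosing describe('VM') block starts and ends outside the hunk.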