Information security
fromBleepingComputer
2 days agoCritical sandbox escape flaw discovered in popular vm2 NodeJS library
CVE-2026-22709 in vm2 allows sandbox escape via Promise callback sanitization flaws, enabling arbitrary code execution on the host.