#vm2
#vm2

[ follow ]

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Sandboxing untrusted JavaScript in vm2 is fragile because sandbox escapes can enable full system compromise when credentials, secrets, filesystem, network, or deployment privileges are accessible.

Node JS

fromBleepingComputer

6 days ago

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in vm2 allows escaping the sandbox and executing arbitrary code on the host system.

Information security

fromBleepingComputer

3 months ago

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

CVE-2026-22709 in vm2 allows sandbox escape via Promise callback sanitization flaws, enabling arbitrary code execution on the host.

[ Load more ]

#vm2#vm2

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Critical vm2 sandbox bug lets attackers execute code on hosts

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

#vm2
#vm2