Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026–22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Leave a Comment

Lifeboat Foundation respects your privacy! Your email address will not be published.

/* */