A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results