Security Alert: Dozen Critical Vulnerabilities Found in vm2 Node.js Library – Sandbox Escapes Allow Host Takeover
07/05/2026-18:25 07/05/2026-18:30 מחשבים וטכנולוגיה CyberSec Guru דיווח
If your Node.js application runs user-supplied code through vm2, stop reading and go check your version number. Eleven new critical vulnerabilities have been disclosed in the library, with CVSS scores reaching 10.0, all affecting versions up to 3.11.
