Critical vm2 Vulnerability in Node.js Allows Code Execution

Critical vm2 Vulnerability in Node.js Allows Code Execution

First seen 27 Jan 2026, 17:53 UTC GbhackersCyberpressBleepingcomputerCybersecuritynewsThehackernews+6 82% similarity 45.3

Article Content

Browse articles
ThreatCluster

A critical vulnerability in the vm2 sandboxing library for Node.js has been identified, enabling attackers to escape the sandbox and execute arbitrary code on affected systems. This flaw poses a significant risk to applications utilizing the vm2 library, which is widely used for running untrusted code securely.

ThreatCluster AI

Community

Browse all →