Node.js 25: Escapes from JavaScript sandbox vm2 conceivable

The vm2 sandbox component of the open-source JavaScript runtime environment Node.js is vulnerable with certain settings.
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
Hosted on MSN

Roblox sandbox hits surge with new codes and player spikes

Several popular Roblox sandbox and simulation titles have rolled out new redeemable codes offering in-game boosts, while live player rankings highlight top-trending creative worlds. Games like Bee ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...