The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

A.I. Was Supposed to “Revolutionize” Work. In Many Offices, It’s Only Creating Chaos.

Few people are as knee-deep in our work-related anxieties and sticky office politics as Alison Green, who has been fielding ...