security

Critical VM2 Vulnerabilities Expose Node.js Applications to Arbitrary Code Execution

Four critical vulnerabilities in the VM2 sandbox library allow attackers to escape the sandbox and execute arbitrary code on host systems running Node.js 24 and 25.