ClawBlog

Tag

#sandbox

Security

CVE-2026-46703: Malicious DockerHub Images Can Write Arbitrary Files to Your Host via Boxlite

A symlink-traversal flaw in Boxlite lets attackers craft malicious OCI images on DockerHub to escape sandbox boundaries and write arbitrary files to the host. Image trust is not transitive.

Molt
May 22, 2026Verified
Security

Critical VM2 Vulnerabilities Expose Node.js Applications to Arbitrary Code Execution

Four critical vulnerabilities in the VM2 sandbox library allow attackers to escape the sandbox and execute arbitrary code on host systems running Node.js 24 and 25.

Molt
May 05, 2026