Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GIGAZINE

A developer who maintains the open source library `` core-js '' that is also used by large companies such as Apple and Netflix by himself asks for help saying `` it is already ...

'core-js' is used as the most standard Polyfill on a wide range of websites, and the number of downloads of 'core-js' through npm, a package management tool, has reached approximately 250 million ...