The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
Morning Overview on MSN

GitHub patches critical remote code execution flaw in private repositories

GitHub has patched a high-severity remote code execution vulnerability that allowed anyone with push access to a private ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
The Hacker News

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable ...
The Tech Edvocate

30 Critical Google Chrome Vulnerabilities Expose Billions to Remote Code Exploits — Here’s What You Need to Know

Spread the loveOn May 7, 2026, Google rolled out an urgent security update for its widely-used web browser, Chrome. This update, which addresses 30 vulnerabilities, has raised significant alarms ...
CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...