Published: May 7, 2026 | Last Modified: May 7, 2026
Description A vulnerability in the vm2 Node.js library that allows sandbox escape via "neutralizeArraySpeciesBatch()" and permits an attacker to execute arbitrary commands on the underlying host. (Affects versions
This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.