Published: May 7, 2026 | Last Modified: May 7, 2026
Description A vulnerability in the vm2 Node.js library that allows sandbox escape via a null proto exception and permits an attacker to execute arbitrary commands on the underlying host. (Affects versions
This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.