Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GitHub

An AI web browsing framework focused on simplicity and extensibility.

Stagehand is currently available as an early release, and we're actively seeking feedback from the community. Please join our Slack community to stay updated on the latest developments and provide ...