A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results