Critical Sandbox Escape Vulnerability Discovered in Popular vm2 Node.js Library

A critical vulnerability (CVE-2026-22709) has been discovered in the vm2 sandbox library for Node.js. This flaw allows attackers to escape the sandbox and execute arbitrary code on the underlying host system. The vm2 library is widely used to securely run untrusted JavaScript code in Node.js environments. This vulnerability poses a significant risk to applications that rely on vm2 for code isolation.