The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...
InfoQ

Vanilla Extract - a Modern CSS in JS Library

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoWorld

TensorFlow.js puts machine learning in the browser

The WebGL-accelerated library works with the Node.js server-side JavaScript runtime, but isn’t on par with Tensorflow’s Python API Google’s TensorFlow open source machine learning library has been ...
Business Wire

Bentley Systems Releases Open-Source Library: iModel.js

LONDON--(BUSINESS WIRE)--Bentley Systems, Incorporated, the leading global provider of comprehensive software solutions for advancing the design, construction, and operations of infrastructure, today ...
Search Engine Land

WalkerOS: A data collection alternative to gtag.js

Google’s popular gtag.js library makes collecting data for Google Analytics 4 and Google Ads straightforward. However, it also ties you into Google’s ecosystem. You lose control and flexibility when ...
CoinTelegraph

Exclusive: Liquid Network Gets Its First General-Purpose Javascript Library

A new Javascript library for Liquid could allow external developers to build a complete ecosystem around the heavily upgraded Bitcoin sidechain. Blockstream’s Liquid Network is now featuring its own ...