流行的vm2 Node.js库近日披露一个高危沙箱逃逸漏洞,攻击者成功利用该漏洞可在底层操作系统上执行任意代码。该漏洞编号为CVE-2026-22709,CVSS评分为9.8分(满分10分)。
Node.js 17 has been released. The latest version of the popular JavaScript runtime brings more “promisified” APIs and support for OpenSSL 3.0. Downloadable from the Node.js website, Node.js 17 follows ...
A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
一些您可能无法访问的结果已被隐去。
显示无法访问的结果