Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
GitHub

rav2040/json-stringify-lite

These functions prioritize performance at the expense of certain features. The serialized JSON output of these functions is identical to that of JSON.stringify() with the following exceptions: ...
IEEE

Approximate String Matching Algorithm Using Multiple-Character Inverted Lists

Abstract: Approximate string matching algorithms, which permit mismatched characters, are extensively employed in software featuring search tools, database management systems, and various applications ...