InfoWorld

jQuery 4.0.0 JavaScript library features trusted types

The first major update in nearly 10 years, jQuery 4.0.0 follows a long development cycle and several pre-releases.

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.