The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
GitHub

UI Components for Rustic AI

The UI Components for Rustic AI is a comprehensive collection of reusable components designed specifically to empower developers in constructing interactive multimodal chat interfaces. With a focus on ...
GitHub

A javascript library that provides rendering capabilities for CFD, scatterplot and Histogram graphs. It uses d3js for graph rendering.

graphs-renderer is designed to work alongside certain tools that you're likely to have in your project. To avoid version conflicts and ensure compatibility, we list these tools as peer dependencies: ...
LGBTQ Nation

“Heated Rivalry” downloads surge by 529% after NYC Mayor Mamdani told people to read it

NYPL spokesperson Lizzie Tribone told the Times Monday that Heated Rivalry has been downloaded more than 5,000 times since ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.