A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites.

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

Indian government has revealed multiple vulnerabilities which could allow a remote attacker to execute arbitrary code on the targeted system and access sensitive data.