The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
Redmond Magazine

Microsoft Pulls Plug on SharePoint Online Managed Code Sandbox

Microsoft announced last Friday that it is pulling support for a capability that lets organizations use a server-based sandbox to run managed code for SharePoint Online sites. The announcement ...