A researcher says three patched OpenClaw flaws could enable credential theft, privilege escalation, and host code execution ...
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and ...
Two flaws in the widely used open-source editor can be triggered through manipulated configuration files, prompting security updates from the project's maintainers. Two arbitrary code execution ...
Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...
A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system ...