CVE-2026-26956 Blast Radius

CRITICAL • CVSS 9.8vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-26956.

Start Free Scan →← Back to CVE-2026-26956