New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
GitHub

0x3EF8/Nero-Facebook-Bot

nero/ ├── index.js # Main entry point ├── server.js # REST API server ├── package.json # Dependencies and scripts ├── .env # Environment variables (API keys) ├── accounts/ # Appstate JSON files for ...
Milwaukee Journal Sentinel

Kate Hudson to Headline and Chelsea Handler to Host COSF’s Fourth Annual Aspen Snow Ball ...

ASPEN, CO, NJ, UNITED STATES, January 9, 2026 /EINPresswire.com/ — The Children’s Oncology Support Fund (COSF), founded by film producer and philanthropist Thomas ...