Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
13 articles

#Sandbox Escape

All CosmicBytez Labs articles tagged #Sandbox Escape, across news, security advisories, how-to guides, and projects.

  • SecurityJul 15, 2026

    CVE-2026-15773: Chrome Use-After-Free Sandbox Escape (CVSS 9.6)

    A critical use-after-free vulnerability in Google Chrome's Core component on Windows allows remote attackers to escape the browser sandbox via a crafted HTML page. Patch to Chrome 150.0.7871.125 immediately.

  • NewsJun 24, 2026

    Edgecution: Malicious Edge Extension Escapes Browser Sandbox via Native Messaging

    A malicious Microsoft Edge extension dubbed 'Edgecution' abused the Native Messaging API to escape the browser sandbox and deliver a Python backdoor used...

  • SecurityJun 23, 2026

    CVE-2026-12866: expr-eval npm Package Enables Arbitrary Code Execution via toJSFunction()

    All versions of the expr-eval JavaScript package are vulnerable to remote code execution through the toJSFunction() API. Crafted expressions escape the...

  • SecurityJun 13, 2026

    CVE-2026-47131: vm2 Sandbox Escape via Buffer Prototype Hijack (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to obtain the host TypeError constructor via Buffer.__lookupGetter__ abuse,...

  • SecurityJun 13, 2026

    CVE-2026-47137: vm2 Sandbox Escape via Strict Equality require Bypass (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows attackers to bypass the require: false security option using falsy values, circumventing the...

  • SecurityJun 13, 2026

    CVE-2026-47140: vm2 Sandbox Escape via Incomplete Builtin Denylist (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to access the host process via the process and inspector/promises builtins,...

  • SecurityJun 13, 2026

    CVE-2026-47208: vm2 General Sandbox Breakout — Arbitrary Host Execution (CVSS 10.0)

    A CVSS 10.0 critical vulnerability in vm2 for Node.js allows sandbox code to escape and execute arbitrary OS commands on the host system. Patched in vm2 3.11.4.

  • SecurityJun 9, 2026

    CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability

    A critical out-of-bounds read and write vulnerability in the Chromium V8 engine allows remote attackers to execute arbitrary code inside a sandbox via a...

  • SecurityMay 27, 2026

    CVE-2026-44451: Lumiverse AI Chat TSX Sandbox Escape (CVSS 9.3)

    Critical sandbox escape in Lumiverse <0.9.7 lets attackers bypass JS global shadowing via crafted TSX component overrides, enabling code execution.

  • SecurityApr 29, 2026

    Google Chrome GPU Use-After-Free Sandbox Escape

    A CVSS 9.6 critical use-after-free vulnerability in the GPU component of Google Chrome prior to 147.0.7727.138 allows a remote attacker to potentially...

  • SecurityApr 9, 2026

    CVE-2026-39888: PraisonAI Sandbox Escape Enables Remote

    A critical sandbox escape vulnerability in PraisonAI's multi-agent framework allows attackers to bypass the Python code execution sandbox, defeating the...

  • NewsMar 12, 2026

    Researchers Disclose Critical n8n Flaws Enabling RCE and Credential Theft

    Security researchers have published details of two newly patched critical vulnerabilities in n8n — CVE-2026-27577 (CVSS 9.4), an expression sandbox escape...

  • SecurityFeb 7, 2026

    Eight Critical n8n Vulnerabilities: Sandbox Escape to Unauthenticated RCE

    Popular workflow automation platform n8n hit with eight high-to-critical CVEs including a CVSS 10.0 unauthenticated RCE and sandbox escape bypassing...