{"vulnerability": "CVE-2026-24118", "sightings": [{"uuid": "713f6a89-704e-46b1-8e4a-25475bb66060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24118", "type": "seen", "source": "https://gist.github.com/alon710/e818aa393dda5bd140273420e0cde714", "content": "", "creation_timestamp": "2026-05-04T16:40:28.000000Z"}, {"uuid": "a41d179a-4e8d-4fef-be40-2c92ba04f5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24118", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3ml2ckcncdj2k", "content": "\ud83d\udd34 CVE-2026-24118 - Critical (9.8)\n\nvm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-24118/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-04T18:30:39.581003Z"}, {"uuid": "3a1e408c-c9ae-42a8-a622-61cd1e91f6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24118", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mleotgqmgm2f", "content": "\ud83d\udccc CVE-2026-24118 - vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to wri... https://www.cyberhub.blog/cves/CVE-2026-24118", "creation_timestamp": "2026-05-08T21:37:07.763160Z"}, {"uuid": "08a32462-5d91-446b-82f1-c483536b0e0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-24118", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq74xqlwnh2v", "content": "CVE-2026-24118 - @rootio/vm2\nA security patch has been released for Root's VM2 package. This patch fixes a security issue that could have allowed unauthorized access to Root's systems. To stay secure, update\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rootio #Rootnpm #CVE #infosec", "creation_timestamp": "2026-07-09T07:40:04.382995Z"}]}