The JavaScript sandbox vm2 for Node.js was actually discontinued. Now an update closes a critical security vulnerability.

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.