@nyariv/sandboxjs
This hub aggregates every CVE we track for @nyariv/sandboxjs, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
8
Critical
0
High
0
In CISA KEV
Severity distribution
CRITICAL8MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
6
2
0
0
0
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting @nyariv/sandboxjs.
- CVE-2026-32723SandboxJS timers have an execution-quota bypass (cross-sandbox currentTicks race)4.7
- CVE-2026-26954SandboxJS has a Sandbox Escape10.0
- CVE-2026-25881@nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)9.0
- CVE-2026-25586SandboxJS has a Sandbox Escape via Prototype Whitelist Bypass and Host Prototype Pollution10.0
- CVE-2026-25520SandboxJS has a Sandbox Escape10.0
- CVE-2026-25587SandboxJS has a Sandbox Escape10.0
- CVE-2026-25641SandboxJS has a sandbox escape via TOCTOU bug on keys in property accesses10.0
- CVE-2026-25142SandboxJS Prototype Pollution -> Sandbox Escape -> RCE10.0
- CVE-2026-23830SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor10.0
Product normalization is registry-driven with AI assist and human review. How it works