@nyariv/sandboxjs vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-43898Critical@nyariv/sandboxjs: SandboxJS has a sandbox escape via Function.caller leakage of internal call opCVE-2026-34217Medium@nyariv/sandboxjs: SandboxJS: Sandbox Escape via Prop Object Leak in New HandlerCVE-2026-34211Medium@nyariv/sandboxjs: SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parserCVE-2026-34208Critical@nyariv/sandboxjs: SandboxJS: Sandbox integrity escape CVE-2026-32723Medium@nyariv/sandboxjs: SandboxJS has an execution-quota bypass (cross-sandbox currentTicks race) in SandboxJS timersCVE-2026-26954Critical@nyariv/sandboxjs: SandboxJS affected by a Sandbox EscapeCVE-2026-25881Critical@nyariv/sandboxjs: @nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)CVE-2026-25641Critical@nyariv/sandboxjs: @nyariv/sandboxjs vulnerable to sandbox escape via TOCTOU bug on keys in property accessesCVE-2026-25587Critical@nyariv/sandboxjs: @nyariv/sandboxjs has a Sandbox Escape vulnerabilityCVE-2026-25586Critical@nyariv/sandboxjs: @nyariv/sandboxjs has Sandbox Escape via Prototype Whitelist Bypass and Host Prototype PollutionCVE-2026-25520Critical@nyariv/sandboxjs: @nyariv/sandboxjs has a Sandbox Escape issueCVE-2026-25142Critical@nyariv/sandboxjs: SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCECVE-2026-23830Critical@nyariv/sandboxjs: SandboxJS has Sandbox Escape via Unprotected AsyncFunction ConstructorCVE-2025-34146High@nyariv/sandboxjs: @nyariv/sandboxjs has Prototype Pollution vulnerability that may lead to RCE

Stop the waste.
Protect your environment with Kodem.