Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 13 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-34217 SandboxJS has a Sandbox Escape via Prop Object Leak in New Handler nyarivSandboxJS--2026-04-06 15:12:53 Deep Dive
CVE-2026-34211 SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser nyarivSandboxJS--2026-04-06 15:10:42 Deep Dive
CVE-2026-34208 SandboxJS: Sandbox integrity escape nyarivSandboxJS Critical 10.0 2026-04-06 15:09:28 Deep Dive
CVE-2026-32723 SandboxJS timers have an execution-quota bypass (cross-sandbox currentTicks race) nyarivSandboxJS 低危 -2026-03-18 21:27:35 Deep Dive
CVE-2026-26954 SandboxJS has a Sandbox Escape nyarivSandboxJS Critical 10.0 2026-03-13 15:51:13 Deep Dive
CVE-2026-25881 @nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape) nyarivSandboxJS Critical 9.0 2026-02-09 21:12:59 Deep Dive
CVE-2026-25586 SandboxJS has a Sandbox Escape via Prototype Whitelist Bypass and Host Prototype Pollution nyarivSandboxJS Critical 10.0 2026-02-06 19:54:38 Deep Dive
CVE-2026-25520 SandboxJS has a Sandbox Escape nyarivSandboxJS Critical 10.0 2026-02-06 19:53:24 Deep Dive
CVE-2026-25587 SandboxJS has a Sandbox Escape nyarivSandboxJS Critical 10.0 2026-02-06 19:51:56 Deep Dive
CVE-2026-25641 SandboxJS has a sandbox escape via TOCTOU bug on keys in property accesses nyarivSandboxJS Critical 10.0 2026-02-06 19:50:12 Deep Dive
CVE-2026-25142 SandboxJS Prototype Pollution -> Sandbox Escape -> RCE nyarivSandboxJS Critical 10.0 2026-02-02 22:51:41 Deep Dive
CVE-2026-23830 SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor nyarivSandboxJS Critical 10.0 2026-01-27 23:32:16 Deep Dive
CVE-2025-34146 nyariv sandboxjs 0.8.23 Prototype Pollution Sandbox Escape DoS nyarivsandboxjs--2025-07-31 14:59:36 Deep Dive