9 vulnerabilities classified as CWE-265 (权限/沙箱问题). AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6878 | ByteDance verl grader.py math_equal sandbox — verl | 5.6 | Medium | 2026-04-23 |
| CVE-2026-6224 | nocobase plugin-workflow-javascript Vm.js createSafeConsole sandbox — plugin-workflow-javascript | 7.3 | High | 2026-04-13 |
| CVE-2026-6117 | AstrBotDevs AstrBot install-upload Endpoint plugin.py install_plugin_upload sandbox — AstrBot | 6.3 | Medium | 2026-04-12 |
| CVE-2025-5874 | Redash getattr python.py run_query sandbox — Redash | 4.6 | Medium | 2025-06-09 |
| CVE-2025-5321 | aimhubio aim run_view Object query.py RestrictedPythonQuery privilege escalation — aim | 6.3 | Medium | 2025-05-29 |
| CVE-2024-2007 | OpenBMB XAgent Privileged Mode sandbox — XAgent | 5.3 | Medium | 2024-02-29 |
| CVE-2023-5223 | HimitZH HOJ Topic sandbox — HOJ | 6.3 | Medium | 2023-09-27 |
| CVE-2023-26122 | safe-eval 安全漏洞 — safe-eval | 8.8 | High | 2023-04-11 |
| CVE-2020-1889 | WhatsApp 安全漏洞 — WhatsApp Desktop | 10.0 | - | 2020-09-03 |
Vulnerabilities classified as CWE-265 (权限/沙箱问题) represent 9 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.