Launch Week Day 1: Announcing Security Design Review
Start for Free
npm

@nyariv/sandboxjs

View on npm registry
14 Total advisories
14 Vulnerabilities
0 Malware

Vulnerabilities

CRITICAL 10.0
npm

CVE-2026-43898

SandboxJS has a sandbox escape via Function.caller leakage of internal call op
CRITICAL 10.0
npm

CVE-2026-34208

SandboxJS: Sandbox integrity escape

UNKNOWN
npm

CVE-2026-34211

SandboxJS: Stack overflow DoS via deeply nested expressions in recursive descent parser
UNKNOWN
npm

CVE-2026-34217

SandboxJS: Sandbox Escape via Prop Object Leak in New Handler
UNKNOWN
npm

CVE-2026-32723

SandboxJS has an execution-quota bypass (cross-sandbox currentTicks race) in SandboxJS timers
CRITICAL 10.0
npm

CVE-2026-26954

SandboxJS affected by a Sandbox Escape
CRITICAL 10.0
npm

CVE-2026-25142

SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCE
CRITICAL 9.0
npm

CVE-2026-25881

@nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)
CRITICAL 10.0
npm

CVE-2026-25587

@nyariv/sandboxjs has a Sandbox Escape vulnerability
CRITICAL 10.0
npm

CVE-2026-25520

@nyariv/sandboxjs has a Sandbox Escape issue
CRITICAL 10.0
npm

CVE-2026-25641

@nyariv/sandboxjs vulnerable to sandbox escape via TOCTOU bug on keys in property accesses
CRITICAL 10.0
npm

CVE-2026-25586

@nyariv/sandboxjs has Sandbox Escape via Prototype Whitelist Bypass and Host Prototype Pollution
CRITICAL 10.0
npm

CVE-2026-23830

SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
UNKNOWN
npm

CVE-2025-34146

@nyariv/sandboxjs has Prototype Pollution vulnerability that may lead to RCE

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes