CVE-2026-25587 in SandboxJSИнформация

Сводка

по MITRE • 06.02.2026

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFE_PROTOYPES, it's prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

GitHub M

Резервировать

03.02.2026

Раскрытие

06.02.2026

Модерация

принято

Вход

VDB-344736

CPE

готов

CWE

CWE-94 (Подтверждённый)

CVSS

10.0 (CNA)

EPSS

0.00034

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-25587
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-25587
CVE Details	https://www.cvedetails.com/cve/CVE-2026-25587/

◂ Предыдущий Обзор Далее ▸

Interested in the pricing of exploits?

See the underground prices here!