CVE lookup
CVE-2026-25881
Pruva has a verified reproduction for CVE-2026-25881: SandboxJS: Host Prototype Pollution via Array Intermediary (Sandbox Escape). The canonical evidence record is REPRO-2026-00098.
REPRO
REPRO-2026-00098
Package
@nyariv/sandboxjs · npm
Severity
CRITICAL
Status
published