Skip to content

CVE lookup

CVE-2026-25881

Pruva has a verified reproduction for CVE-2026-25881: SandboxJS: Host Prototype Pollution via Array Intermediary (Sandbox Escape). The canonical evidence record is REPRO-2026-00098.

REPRO

REPRO-2026-00098

Package

@nyariv/sandboxjs · npm

Severity

CRITICAL

Status

published