Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > CVE-2026-43898
#CVE-2026-43898

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm

15 May 2026  |  dark6  |  Vulnerability

A maximum-severity (CVSS 10.0) vulnerability in the SandboxJS npm library allows attackers to completely escape the JavaScript sandbox and execute arbitrary code on the host system — no...

>> read more