Secure Bulletin Navigating the cyber sea with knowledge
Home > Tag > Javascript
#Javascript

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm

15 May 2026  |  dark6  |  Vulnerability

A maximum-severity (CVSS 10.0) vulnerability in the SandboxJS npm library allows attackers to completely escape the JavaScript sandbox and execute arbitrary code on the host system — no...

>> read more

CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed

9 April 2026  |  dark6  |  AI

A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000 instances are still exposed online. Here’s what you...

>> read more

Chrome 143: A Patch Day For Deep Dive Cybersecurity Professionals

3 December 2025  |  dark6  |  Vulnerability

Google has just released Chrome 143, ushering in a new era of browser security with 13 addressed vulnerabilities. This release is no mere formality – it’s a critical...

>> read more