#Javascript
CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm
A maximum-severity (CVSS 10.0) vulnerability in the SandboxJS npm library allows attackers to completely escape the JavaScript sandbox and execute arbitrary code on the host system — no...
CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed
A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000 instances are still exposed online. Here’s what you...
Chrome 143: A Patch Day For Deep Dive Cybersecurity Professionals
Google has just released Chrome 143, ushering in a new era of browser security with 13 addressed vulnerabilities. This release is no mere formality – it’s a critical...