{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T15:23:09.692","vulnerabilities":[{"cve":{"id":"CVE-2026-25520","sourceIdentifier":"security-advisories@github.com","published":"2026-02-06T20:16:10.440","lastModified":"2026-02-18T14:33:15.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can obtain the hosts Function constructor, which can be used to execute arbitrary code outside of the sandbox. This vulnerability is fixed in 0.8.29."},{"lang":"es","value":"SandboxJS es una librería de sandboxing de JavaScript. Antes de 0.8.29, los valores de retorno de las funciones no están encapsulados. Object.values/Object.entries pueden usarse para obtener un Array que contiene el constructor Function del host; al usar Array.prototype.at se puede obtener el constructor Function del host, el cual puede usarse para ejecutar código arbitrario fuera del sandbox. Esta vulnerabilidad está corregida en 0.8.29."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nyariv:sandboxjs:*:*:*:*:*:node.js:*:*","versionEndExcluding":"0.8.29","matchCriteriaId":"5822AD4C-2C8E-4196-9149-A626F0572E05"}]}]}],"references":[{"url":"https://github.com/nyariv/SandboxJS/commit/67cb186c41c78c51464f70405504e8ef0a6e43c3","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nyariv/SandboxJS/security/advisories/GHSA-58jh-xv4v-pcx4","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/nyariv/SandboxJS/security/advisories/GHSA-58jh-xv4v-pcx4","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}