{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T04:32:33.677","vulnerabilities":[{"cve":{"id":"CVE-2026-27597","sourceIdentifier":"security-advisories@github.com","published":"2026-02-25T04:16:03.557","lastModified":"2026-02-27T18:27:17.377","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be used to achieve remote code execution (RCE). The issue has been fixed in version 2.11.1."},{"lang":"es","value":"Enclave es un sandbox seguro de JavaScript diseñado para la ejecución segura de código de agentes de IA. Antes de la versión 2.11.1, es posible evadir los límites de seguridad establecidos por `@enclave-vm/core`, lo que puede utilizarse para lograr ejecución remota de código (RCE). El problema ha sido solucionado en la versión 2.11.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:agentfront:enclave:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2.11.1","matchCriteriaId":"77757A08-0B36-4B41-9474-A7AD214D4FB0"}]}]}],"references":[{"url":"https://github.com/agentfront/enclave/commit/09afbebe4cb6d0586c1145aa71ffabd2103932db","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/agentfront/enclave/security/advisories/GHSA-f229-3862-4942","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}