CNNVD-202601-4627 Information

CNNVD ID

CNNVD-202601-4627

Related CVE

CVE-2026-23830

• CNNVD Published: 2026-01-28

Description (Chinese)

SandboxJS是nyariv个人开发者的一个安全评估软件。 SandboxJS 0.8.26之前版本存在安全漏洞，该漏洞源于未在SandboxFunction中隔离AsyncFunction，可能导致沙箱逃逸和远程代码执行。

Description (English)

SandboxJS is a security assessment software for the neyariv personal developer. The previous version of SandboxJS 0.8.26 had a security loophole, which stemmed from the failure to isolate AsyncFunction in SandboxFunction, which could lead to sandbox escape and remote code enforcement.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://github.com/nyariv/SandboxJS/commit/345aee6566e47979dee5c337b925b141e7f78ccd https://github.com/nyariv/SandboxJS/security/advisories/GHSA-wxhw-j4hc-fmq6

Patch

https://github.com/nyariv/SandboxJS/commit/345aee6566e47979dee5c337b925b141e7f78ccd