CVSS: 4.5 • EPSS: % • CPEs: 1 • EXPL: 0 • CVE-2026-1770 – Improper Control of Dynamically-Managed Code Resources in Crafter Studio
https://notcve.org/view.php?id=CVE-2026-1770
02 Feb 2026 — Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code Execution). • https://docs.craftercms.org/current/security/advisory.html#cv-2026020201 • CWE-913: Improper Control of Dynamically-Managed Code Resources
CVSS: 9.6 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-25117 – pwn.college DOJO vulnerable to sandbox escape leading to arbitrary javascript execution
https://notcve.org/view.php?id=CVE-2026-25117
29 Jan 2026 — This is a sandbox escape leading to arbitrary javascript execution as the dojo's origin. • https://github.com/pwncollege/dojo/commit/e33da14449a5abcff507e554f66e2141d6683b0a • CWE-20: Improper Input Validation • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-23830 – SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
https://notcve.org/view.php?id=CVE-2026-23830
27 Jan 2026 — Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the global `Function` constructor with a safe, sandboxed version (`SandboxFunction`). ... When code running inside the sandbox accesses `.constructor` on an async function (which the sandbox allows creating), the `executor` retrieves the property value. ... By obtaining the host `AsyncFuncti... • https://github.com/nyariv/SandboxJS/commit/345aee6566e47979dee5c337b925b141e7f78ccd • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-693: Protection Mechanism Failure • CWE-913: Improper Control of Dynamically-Managed Code Resources
CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-22709 – vm2 has a Sandbox Escape
https://notcve.org/view.php?id=CVE-2026-22709
26 Jan 2026 — vm2 is an open source vm/sandbox for Node.js. ... This allows attackers to escape the sandbox and run arbitrary code. • https://github.com/patriksimek/vm2/commit/4b009c2d4b1131c01810c1205e641d614c322a29 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-693: Protection Mechanism Failure • CWE-913: Improper Control of Dynamically-Managed Code Resources
CVSS: 7.1 • EPSS: 0% • CPEs: 4 • EXPL: 1 • CVE-2025-55130 – SUSE Security Advisory - SUSE-SU-2026:0295-1
https://notcve.org/view.php?id=CVE-2025-55130
20 Jan 2026 — By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files. ... Once the initial path passes the permission check, the symlink is followed and traversal sequences escape the sandbox. • https://packetstorm.news/files/id/214705 • CWE-289: Authentication Bypass by Alternate Name
CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-23885 – AlchemyCMS has Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper
https://notcve.org/view.php?id=CVE-2026-23885
19 Jan 2026 — Since `engine_name` is sourced from module definitions that can be influenced by administrative configurations, it allows an authenticated attacker to escape the Ruby sandbox and execute arbitrary system commands on the host OS. • https://github.com/AlchemyCMS/alchemy_cms/commit/55d03ec600fd9e07faae1138b923790028917d26 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVSS: 8.5 • EPSS: 0% • CPEs: - • EXPL: 0 • CVE-2026-0863 – Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.
https://notcve.org/view.php?id=CVE-2026-0863
18 Jan 2026 — Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. • https://research.jfrog.com/vulnerabilities/n8n-python-runner-sandbox-escape-jfsa-2026-001651077 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-22686 – Sandbox Escape via Host Error Prototype Chain in enclave-vm
https://notcve.org/view.php?id=CVE-2026-22686
13 Jan 2026 — Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host Node.js runtime. ... Using the host Function constructor, arbitrary JavaScript can be compiled and executed in the host context, fully bypassing the sandbox and granting access to sensitive resources such as process.env, filesystem, and... • https://github.com/agentfront/enclave/commit/ed8bc438b2cd6e6f0b5f2de321e5be6f0169b5a1 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-693: Protection Mechanism Failure
CVSS: 8.1 • EPSS: 0% • CPEs: 10 • EXPL: 0 • CVE-2026-0891 – Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
https://notcve.org/view.php?id=CVE-2026-0891
13 Jan 2026 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, information disclosure or spoofing. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1964722%2C2000981%2C2003100%2C2003278 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 6.5 • EPSS: 0% • CPEs: 10 • EXPL: 0 • CVE-2026-0890 – Spoofing issue in the DOM: Copy & Paste and Drag & Drop component
https://notcve.org/view.php?id=CVE-2026-0890
13 Jan 2026 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, information disclosure or spoofing. • https://bugzilla.mozilla.org/show_bug.cgi?id=2005081 • CWE-290: Authentication Bypass by Spoofing
