SandboxJS Security Update Advisory (CVE-2026-25881)

Feb 19 2026

Overview

We have released a security update to address a vulnerability in SandboxJS. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2026-25881

SandboxJS version: 0.8.30 and earlier

Resolved Vulnerabilities

Sandbox escape vulnerability in SandboxJS (CVE-2026-25881)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2026-25881

SandboxJS version: 0.8.31

References

[1] @nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)
https://github.com/nyariv/SandboxJS/security/advisories/GHSA-ww7g-4gwx-m7wj

SandboxJS Security Update Advisory (CVE-2026-25881)

GitLab Product Security Update Advisory

Google Chrome Browser (145.0.7632.75/76) Security Update Advisory

Tags:

GitLab Product Security Update Advisory

Google Chrome Browser (145.0.7632.75/76) Security Update Advisory