{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigelckjl2ozdnr7ompnfq4sc6dv24jzaem6accpoqp6awm3cssn3a",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mlv55xm3xf22"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibkczhomdfubwt7mttk4imncsywivn7n4fndaqqjoj7vp5sr5qrsy"
    },
    "mimeType": "image/webp",
    "size": 66070
  },
  "path": "/critical-sandboxjs-escape-flaw-allows-host-code-execution-in-affected-apps/",
  "publishedAt": "2026-05-14T18:05:40.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Critical SandboxJS Escape Flaw Allows Host Code Execution in Affected Apps",
    "VPN Central",
    "@nyariv"
  ],
  "textContent": "A critical vulnerability in SandboxJS can allow attacker-controlled JavaScript to escape the sandbox and execute code on the host system. The flaw is tracked as CVE-2026-43898 and affects the npm package @nyariv/sandboxjs up to and including version 0.9.5. The issue has a CVSS 3.1 score of 10.0, the highest possible rating. GitHub’s advisory says the […]\n\nThe post Critical SandboxJS Escape Flaw Allows Host Code Execution in Affected Apps appeared first on VPN Central.",
  "title": "Critical SandboxJS Escape Flaw Allows Host Code Execution in Affected Apps"
}