CVE-2026-32723 | nyariv SandboxJS up to 0.8.34 Timer Call currentTicks.current race condition (GHSA-7p5m-xrh7-769r)

Inserito da Angelo Barbosa | Mar 19, 2026 | CVE

A vulnerability was found in nyariv SandboxJS up to 0.8.34. It has been rated as problematic. Impacted is the function currentTicks.current of the component Timer Call Handler. This manipulation causes race condition.

This vulnerability is handled as CVE-2026-32723. It is possible to launch the attack on the local host. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-32723 | nyariv SandboxJS up to 0.8.34 Timer Call currentTicks.current race condition (GHSA-7p5m-xrh7-769r)

Post correlati

CVE-2024-49379 | umbrel up to 1.2.1 Query Parameter cross site scripting (GHSL-2024-164)

CVE-2024-43417 | GLPI up to 10.0.16 cross site scripting

CVE-2024-47356 | Catch Themes Create Plugin up to 2.9.1 on WordPress cross site scripting

CVE-2024-9298 | SourceCodester Online Railway Reservation System 1.0 Ticket /?page=tickets id access control