VYPR

Math Codegen

by Mauriciopoppe

Source repositories

CVEs (1)

  • CVE-2026-41507CriMay 8, 2026
    risk 0.57cvss 9.8epss 0.00

    math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() is injected verbatim into a new Function() body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled…