VYPR

Enclave

by Agentfront

Source repositories

CVEs (3)

  • CVE-2026-27597Feb 25, 2026
    risk 0.00cvss epss 0.01

    Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be used to achieve remote code execution (RCE). The issue has been fixed in version…

  • CVE-2026-25533Feb 6, 2026
    risk 0.00cvss epss 0.00

    Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not…

  • CVE-2026-22686Jan 13, 2026
    risk 0.00cvss epss 0.01

    Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host Node.js runtime. When a tool…