CVE-2026-27597

Published
View on NVD ↗
CVSS v3
10
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT

Description

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be used to achieve remote code execution (RCE). The issue has been fixed in version 2.11.1.

agentfront/enclave
agentfront/enclave
A secure JavaScript sandbox designed for safe AI agent code execution. Protects against code injection, prototype pollution, and sandbox escapes. The security layer that makes AI-generated code safe to run.
GitHubGitHub
3