CRITICAL🇵🇱 Wersja polska

CVE-2026-27597

CVSS 10.0v3.1pub. 2026-02-25upd. 2026-02-27

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by `@enclave-vm/core`, which can be used to achieve remote code execution (RCE). The issue has been fixed in version 2.11.1.

🤖 AI Analysis
How it works

The vulnerability (CWE-94 — improper control of generation of code) exists in the `@enclave-vm/core` component in all Enclave versions prior to 2.11.1. An attacker can construct specially crafted JavaScript code that breaks the sandbox isolation boundaries. After escaping the sandbox, arbitrary code execution is possible at the level of the host environment in which Enclave runs.

Impact

An attacker can gain full control over the system hosting the sandbox, which includes compromise of confidentiality, integrity, and availability of resources (H/H/H rating in CVSS). The vulnerability allows RCE without any required privileges or victim interaction.

Mitigation & patch

Agentfront Enclave should be updated immediately to version 2.11.1 or later, where the issue has been fixed. Patch details are available in the GitHub repository (commit 09afbebe4cb6d0586c1145aa71ffabd2103932db) and in the official security advisory GHSA-f229-3862-4942.

Who is affected

Agentfront Enclave in all versions before 2.11.1.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Agentfront Enclave

    APP
    Agentfront
    < 2.11.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-22686CRITICAL10.0PL ✓ten sam produkt

Ucieczka z sandbox w Agentfront Enclave — RCE w środowisku Node.js

CVE-2026-25533MEDIUM6.4ten sam produkt

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existin...

CVE-2026-39885HIGH7.5ten sam vendor

FrontMCP is a TypeScript-first framework for the Model Context Protocol (MCP). Prior to 2.3.0, the mcp-from-op...