CVE-2026-12866 Blast Radius
CRITICAL • CVSS 9.8All versions of the package expr-eval are vulnerable to Code Execution via the toJSFunction() API. An attacker can execute arbitrary JavaScript by sup…
Is Your Infrastructure Using These Packages?
EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-12866.