Security Advisory

CVE-2026-40897

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-24 16:48:34

Last updated 2026-04-24 17:44:59

Assigner GitHub_M

State PUBLISHED

Description

Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser. This vulnerability is fixed in 15.2.0.

← Browse all CVEs View on cve.org ↗