Npm · Math.Js · CVE-2026-41139
**Name of the Vulnerable Software and Affected Versions**
Math.js versions 13.1.0 through 15.1.x
**Description**
Arbitrary JavaScript can be executed through the expression parser of the library.
**Recommendations**
Update to version 15.2.0.