Unknown · @Nyariv/Sandboxjs · CVE-2025-34146
**Name of the Vulnerable Software and Affected Versions**
@nyariv/sandboxjs versions through 0.8.23
**Description**
A prototype pollution issue exists in @nyariv/sandboxjs that allows attackers to inject arbitrary properties into `Object.prototype` via crafted JavaScript code. This can lead to a denial-of-service (DoS) condition or, potentially, an escape from the sandboxed environment. The root cause is insufficient prototype access checks within the sandbox's executor logic, specifically when handling returned JavaScript function objects.
**Recommendations**
Update @nyariv/sandboxjs to a version later than 0.8.23.