What is the CVSS score of CVE-2026-27597?

CVE-2026-27597 has a CVSS 3.1 base score of 10.0 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.5%.

Which versions of AI / ML are affected by CVE-2026-27597?

A critical vulnerability in Enclave's JavaScript sandbox allows attackers to bypass security controls and execute arbitrary code remotely with a 10.0 CVSS score.. A patch is available.

Is there a public PoC exploit available for CVE-2026-27597?

Yes, a public proof-of-concept exploit is available for CVE-2026-27597. Prioritise patching immediately. EPSS: 0.5%.

AI / ML CVE-2026-27597

CRITICAL

Code Injection (CWE-94)

2026-02-25 security-advisories@github.com

GHSA-f229-3862-4942

RCE AI / ML Enclave

10.0

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Feb 27, 2026 - 18:27 vuln.today

Public exploit code

Patch released

Feb 27, 2026 - 18:27 nvd

Patch available

CVE Published

Feb 25, 2026 - 04:16 nvd

CRITICAL 10.0

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

2 npm packages depend on @enclave-vm/core (2 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.11.1.

DescriptionNVD

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2.11.1, it is possible to escape the security boundraries set by @enclave-vm/core, which can be used to achieve remote code execution (RCE). The issue has been fixed in version 2.11.1.

AnalysisAI

Sandbox escape in Enclave JavaScript sandbox before 2.11.1. Enclave is designed for safe AI agent code execution — the escape allows agents to execute arbitrary code outside the sandbox. …

RemediationAI

Within 24 hours: Identify all systems running Enclave versions <2.11.1 and assess their exposure to untrusted code sources; isolate critical instances if patching cannot be completed immediately. Within 7 days: Apply vendor patch to version 2.11.1 or later across all affected systems; verify patch deployment through version scanning. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-27597 vulnerability details – vuln.today

Back

AI / ML CVE-2026-27597

CVSS VectorNVD

Lifecycle Timeline

Blast Radius

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code