Description
This security vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the mathjs expression parser.
Recommendation
Update the mathjs package to the latest compatible version. Followings are version details:
- Affected version(s): >= 13.1.1, < 15.2.0
- Patched version(s): 15.2.0
References
Related Issues
- Maker.js has Unsafe Property Copying in makerjs.extendObject - CVE-2026-24888
- mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes - CVE-2026-41139
- Parse Server has denylist `requestKeywordDenylist` keyword scan bypass through nested object placement - CVE-2026-30938
- ApostropheCMS: Stored XSS via CSS Custom Property Injection in @apostrophecms/color-field Escaping Style Tag Context - CVE-2026-33889
You might also like:
- Tags:
- npm
- mathjs
Anything's wrong? Let us know Last updated on April 28, 2026


