腾讯网

Happy DOM曝CVSS 9.4严重RCE漏洞,PoC已公开(CVE-2025-61927)

流行的JavaScript包Happy DOM曝出严重安全漏洞,该漏洞可使攻击者逃逸Node.js虚拟机(VM)上下文并在主机系统上执行任意代码。该漏洞被追踪为CVE-2025-61927,CVSSv4评分为9.4。
InfoWorld

Q&A: Why Tungsten.js is not like other JavaScript frameworks

Created at an e-commerce site, the JavaScript technology lets users build Web UIs with high-performance rendering on both client and server Tungsten.js was developed by engineers at e-commerce site ...