JavaScript is a high-level, interpreted programming language essential for creating interactive web applications, running directly in web browsers to enable dynamic content and user interface enhancements. It is integral to the web development stack, working seamlessly with HTML and CSS to build responsive and feature-rich websites.

JavaScript

NixOS is a Linux distribution built on top of the Nix package manager. It is completely declarative, its system configurations are reproducible, makes configuration changes reliable and atomic, and eliminates configuration drift.

NixOS

Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-22787	HIGH	8.7	JavaScript	html2pdf.js	No	Yes	Jan 14, 2026
CVE-2026-22820	MEDIUM	6.3	JavaScript	outray	No	Yes	Jan 14, 2026
CVE-2026-22819	MEDIUM	5.9	JavaScript	outray	No	Yes	Jan 14, 2026
CVE-2026-22036	LOW	3.7	JavaScript	node-undici	No	Yes	Jan 14, 2026
GHSA-73rr-hh4g-fpgx	LOW	N/A	JavaScript	diff	No	Yes	Jan 14, 2026

CVE-2023-39663:
JavaScript vulnerability analysis and mitigation

7.5

Related JavaScript vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2023-39663: JavaScript vulnerability analysis and mitigation