The mathjs library comes with some risks, since it contains an expression parser which allows arbitrary user input, which may result in CPU or memory heavy operations. Read more in the docs: https://mathjs.org/docs/expressions/security.html
Please report (suspected) security vulnerabilities privately to one of the maintainers of the library, for example to Jos de Jong: https://github.com/josdejong.