Yeah blazor seems to be a re implementation of the same ideas with webassembly and a newer version of .net. I have a feeling it will have the same security holes eventually.
Since it runs in the Browser JS sandbox there will be a lower security footprint than the NPAPI Silverlight plugin. JS libraries can certainly still cause other web security issues but you shouldn’t be able to escape the browser just because you’re running this library.
