Critical SandboxJS Vulnerability Allows Remote Host Takeover – PoC Released

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

SandboxJS Vulnerability PoC Released

A severe sandbox escape vulnerability has been discovered in the SandboxJS JavaScript library, enabling attackers to execute arbitrary code on host systems.

The flaw, tracked as CVE-2026-25881 with a critical CVSS score of 8.3/10, affects all versions up to 0.8.30 and has been patched in version 0.8.31.

The vulnerability exploits a weakness in SandboxJS’s protection mechanism. The library uses an “isGlobal” flag to prevent sandboxed code from modifying host system objects.

However, when global prototype references such as Map.prototype or Set.prototype are placed into an array and then retrieved, the protective flag is stripped away.

This process, called “prototype pollution,” allows attackers to modify core JavaScript objects permanently.

Sandboxed code: const m=[Map.prototype][0]
              ↓
Array creation: isGlobal taint stripped via valueOrProp()
              ↓
Prototype mutation: m.cmd='id' (host prototype polluted)
              ↓
Host-side impact: new Map().cmd === 'id' (persistent)
              ↓
RCE (application-dependent): host code calls execSync(obj.cmd)

For example, sandboxed code can inject a malicious command property into the Map prototype, which then persists across the entire host application.

When the host code later uses this polluted property in sensitive operations, such as executing system commands, attackers can achieve remote code execution.

Security researcher k14uz released working exploit code demonstrating three attack scenarios.

The simplest proof-of-concept shows how sandboxed code can add a “polluted” property to the Map prototype, which then appears in all new Map objects created by the host.

More dangerous demonstrations include overwriting built-in functions and executing system commands like “id” to reveal user information.

The attack chain is straightforward:

1. Create Array: create an array containing a prototype reference.
2. Extract Reference: extract the prototype reference from the array, causing the protection flag to be lost.
3. Modify Prototype: add malicious properties or override existing ones on the prototype.
4. Trigger Usage: wait for host code to access the modified properties in sensitive operations.

Any application using SandboxJS to run untrusted JavaScript code is vulnerable.

Attackers can break sandbox isolation, manipulate host execution flow, and potentially gain full system access depending on how the host application processes the polluted properties.

According to the published advisory, developers must immediately upgrade to version 0.8.31, which preserves protection flags across array operations and blocks writes to built-in prototypes.

As additional defense, security teams should freeze built-in prototypes before executing untrusted code and audit applications for sensitive operations that might use user-controlled object properties.
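The two defenses above, freezing built-in prototypes before untrusted code runs and checking afterwards that none of them gained properties, as an added example that is not part of the advisory or of SandboxJS itself. It monitors the Map and Set prototype family named in the article; the function names and the probe key are this example's own.

```javascript
// Added hardening/detection example (not SandboxJS code): freeze the built-in
// prototypes the advisory names and detect additions to them afterwards.
// Freezing Object.prototype or Array.prototype gives broader coverage, but
// inherited non-writable properties then block ordinary assignments such as
// `obj.toString = fn` in host code, so only the collection prototypes are
// frozen by default here; widen the list only after testing the host app.
const MONITORED_PROTOTYPES = {
  'Map.prototype': Map.prototype,
  'Set.prototype': Set.prototype,
  'WeakMap.prototype': WeakMap.prototype,
  'WeakSet.prototype': WeakSet.prototype,
};

// Record every own key (string and symbol) of each monitored prototype.
function snapshotPrototypes(protos = MONITORED_PROTOTYPES) {
  const snap = {};
  for (const [name, proto] of Object.entries(protos)) {
    snap[name] = new Set(Reflect.ownKeys(proto));
  }
  return snap;
}

// Compare the current prototypes with a baseline taken before untrusted code
// ran; returns e.g. { 'Map.prototype': ['cmd'] } for any keys that appeared.
function findPrototypeAdditions(baseline, protos = MONITORED_PROTOTYPES) {
  const added = {};
  for (const [name, proto] of Object.entries(protos)) {
    const extra = Reflect.ownKeys(proto).filter((k) => !baseline[name].has(k));
    if (extra.length > 0) added[name] = extra.map(String);
  }
  return added;
}

// Make the monitored prototypes immutable before any untrusted code runs.
function freezeBuiltinPrototypes(protos = MONITORED_PROTOTYPES) {
  for (const proto of Object.values(protos)) Object.freeze(proto);
  return Object.values(protos).every((p) => Object.isFrozen(p));
}

// Verify the hardening: Reflect.set returns false (without throwing) when the
// target is frozen; on an unfrozen prototype the probe key is removed again.
function prototypeAcceptsWrites(proto) {
  const probe = Symbol('prototype-write-probe');
  const accepted = Reflect.set(proto, probe, true);
  if (accepted) delete proto[probe];
  return accepted;
}

// Usage: const baseline = snapshotPrototypes(); freezeBuiltinPrototypes();
// ...run the sandbox...; then inspect findPrototypeAdditions(baseline).
```

Take the baseline snapshot before the sandbox is created, because a later baseline would already include anything the untrusted code added.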

This vulnerability highlights the challenges of creating secure JavaScript sandboxes. It underscores the importance of defense-in-depth when handling untrusted code.
