Release of the SandboxJS Vulnerability PoC

The SandboxJS JavaScript library has been found to have a serious sandbox escape vulnerability that allows attackers to run arbitrary code on host systems. All versions up to 0.8.30 are affected; the issue has been fixed in version 0.8.31 and is tracked as CVE-2026-25881 with a critical CVSS score of 8.3/10.
The vulnerability takes advantage of a flaw in SandboxJS's defenses. The library uses an "isGlobal" flag to stop sandboxed code from modifying host system objects. But when a global prototype reference such as Map.prototype or Set.prototype is placed in an array and then retrieved from it, the protective flag is dropped.
This technique, known as "prototype pollution," gives attackers the ability to permanently alter essential JavaScript objects. The chain runs as follows:

1. Code in the sandbox: const m=[Map.prototype][0]
2. Creating the array: the isGlobal taint is removed by valueOrProp()
3. Mutating the prototype: m.cmd='id' (host prototype polluted)
4. Impact on the host: new Map().cmd === 'id' (persistent)
5. Application-dependent RCE: host code invokes execSync(obj.cmd)

For instance, sandboxed code can add a malicious command property to the Map prototype, which then spreads throughout the host application. Attackers can achieve remote code execution when the host code later uses this contaminated property in a sensitive operation, such as running a system command.
Working exploit code illustrating three attack scenarios was made public by security researcher K14uz.
The most basic proof-of-concept demonstrates how sandboxed code can give the Map prototype a "polluted" property, which is subsequently present in every Map object the host creates. The more dangerous demonstrations overwrite built-in functions and run system commands such as "id" to expose user information.
The attack chain is simple:

1. Make an array: create an array containing a reference to the prototype.
2. Take out the reference: extracting the prototype reference from the array removes the protection flag.
3. Adjust the prototype: add malicious properties to the prototype or replace existing ones.
4. Use of triggers: wait for host code to access the changed properties in sensitive operations.

Any program that runs untrusted JavaScript code through SandboxJS is at risk. Depending on how the host application handles the contaminated properties, an attacker may be able to break sandbox isolation, alter the host's execution flow, and even obtain complete system access.
The published advisory states that developers should update to version 0.8.31 right away; the fix prevents writes to built-in prototypes and maintains protection flags across array operations. As an extra precaution, security teams should audit applications for sensitive operations that may use user-controlled object properties, and freeze built-in prototypes before running untrusted code. This flaw shows how difficult it is to design a safe JavaScript sandbox, and how crucial defense-in-depth is when working with untrusted code.
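One way a host application can act on the advisory's advice, as an added example that is not code from SandboxJS or from the advisory: it snapshots the own keys of built-in prototypes before untrusted code runs, reports any key that appears afterwards, and freezes the prototypes so later writes are rejected. The prototype list and the 'polluted' marker key are constructed for this demonstration.

```javascript
// Added defensive example, not SandboxJS project code: a host-side snapshot/diff
// check that reveals pollution of built-in prototypes, plus the freeze the advisory
// recommends. The prototype list and the 'polluted' marker key are constructed here.
const BUILTIN_PROTOTYPES = [
  ['Object.prototype', Object.prototype],
  ['Array.prototype', Array.prototype],
  ['Map.prototype', Map.prototype],
  ['Set.prototype', Set.prototype],
];

// Record every own property key of each prototype before untrusted code runs.
function snapshotPrototypes(protos = BUILTIN_PROTOTYPES) {
  const snap = new Map();
  for (const [name, proto] of protos) {
    snap.set(name, new Set(Reflect.ownKeys(proto).map(String)));
  }
  return snap;
}

// Diff the live prototypes against the snapshot; any key not seen before is a finding.
function findPollutedKeys(snap, protos = BUILTIN_PROTOTYPES) {
  const findings = [];
  for (const [name, proto] of protos) {
    const before = snap.get(name) || new Set();
    for (const key of Reflect.ownKeys(proto).map(String)) {
      if (!before.has(key)) findings.push({ prototype: name, key });
    }
  }
  return findings;
}

// Freeze the prototypes so later writes are rejected instead of becoming persistent.
function freezeBuiltins(protos = BUILTIN_PROTOTYPES) {
  for (const [, proto] of protos) Object.freeze(proto);
}

// Walk the advisory's sequence from the host's side: baseline, simulated pollution of
// Map.prototype with a harmless marker key, detection, cleanup, freeze, re-check.
// Reflect.set returns false for a rejected write in sloppy and strict mode alike.
function demo() {
  const snap = snapshotPrototypes();
  const polluted = Reflect.set(Map.prototype, 'polluted', true);    // unfrozen: true
  const detected = findPollutedKeys(snap);                           // one finding
  const inherited = 'polluted' in new Map();                         // every new Map sees it
  delete Map.prototype.polluted;                                     // remove the marker
  freezeBuiltins();
  const afterFreeze = Reflect.set(Map.prototype, 'polluted', true);  // frozen: false
  return { polluted, detected, inherited, afterFreeze, clean: findPollutedKeys(snap) };
}
```

Node.js also offers a process-wide variant of the freeze through its experimental --frozen-intrinsics flag; the snapshot check above is useful as a regression test on its own regardless of how the freeze is applied.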