JavaScript Library Flaws Enable Sandbox Escape and Code Execution
Two high-severity flaws were disclosed in widely used JavaScript libraries, exposing applications to sandbox bypass and arbitrary code execution. CVE-2026-34208 affects SandboxJS before 0.8.36 and allows attacker-supplied code to evade protections on direct assignment to global objects by abusing an exposed constructor path. The bypass uses this.constructor.call(target, attackerObject) to reach the internal SandboxGlobal function while Function.prototype.call remains permitted, enabling arbitrary properties to be written into host global objects and persist across sandbox instances in the same process.
A separate issue, CVE-2026-41242, impacts protobufjs before 8.0.1 and 7.5.5, where attackers can inject arbitrary code into Protocol Buffers definition type fields and trigger execution during object decoding with a malicious schema. The flaw is tracked as CWE-94 and carries a CVSS v4 rating reflecting network-reachable exploitation with high impact to confidentiality, integrity, availability, and downstream systems. Maintainers released fixes in SandboxJS 0.8.36 and protobufjs 8.0.1 and 7.5.5.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
protobufjs releases 8.0.1 and 7.5.5 to patch CVE-2026-41242
The vulnerability record states that protobufjs versions 8.0.1 and 7.5.5 remediate CVE-2026-41242. References for the fix include GitHub commits, release tags, and a GitHub Security Advisory.
protobufjs arbitrary code execution flaw disclosed as CVE-2026-41242
CVE-2026-41242 was published for protobufjs, affecting versions prior to 8.0.1 and 7.5.5. The issue allows attackers to inject arbitrary code into protobuf definition type fields, which then executes during object decoding.
SandboxJS 0.8.36 fixes CVE-2026-34208
SandboxJS version 0.8.36 was identified as the fix for CVE-2026-34208. The patched release addresses the sandbox integrity escape that enabled modification of host global objects.
SandboxJS sandbox escape vulnerability disclosed as CVE-2026-34208
A vulnerability in SandboxJS affecting versions prior to 0.8.36 was published as CVE-2026-34208. The flaw allows attackers to bypass sandbox protections via an exposed constructor call path and write arbitrary properties into host global objects, with changes persisting across sandbox instances in the same process.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Critical SandboxJS Sandbox-Escape Vulnerabilities Enabling Host Code Execution
Multiple **critical vulnerabilities in *SandboxJS***—a JavaScript sandboxing library used to run untrusted code—were disclosed as enabling **sandbox escape and arbitrary code execution on the host**, with several issues scored **CVSS 10.0**. Reported flaws include **CVE-2026-25520**, **CVE-2026-25586**, **CVE-2026-25587**, and **CVE-2026-25641**, described as providing multiple paths to break out of SandboxJS’s isolation guarantees and take over the underlying runtime environment. Technical details published for **CVE-2026-25520** indicate that, prior to *SandboxJS* `0.8.29`, **function return values are not wrapped**, allowing attackers to use `Object.values()`/`Object.entries()` to obtain an array containing the host’s `Function` constructor (e.g., via `Array.prototype.at`), which can then be used to execute code outside the sandbox; the issue is fixed in `0.8.29` (with a referenced upstream commit and GitHub Security Advisory). Additional reported escape vectors include manipulation of supposedly safe prototypes (e.g., overwriting `Map.prototype.has` via a bug in the library’s `let` implementation) and a **host prototype pollution** condition tied to unsafe property-checking logic, collectively undermining the library’s core containment model.
Jun 29, 2026
Critical SandboxJS Sandbox Escape Enables Host Remote Code Execution
A critical vulnerability in the npm package **`@nyariv/sandboxjs`** allows attackers to escape the JavaScript sandbox and execute arbitrary code on the host system. The issue, tracked as **`CVE-2026-43898`**, affects all versions through **`0.9.5`** and has been rated **CVSS 10.0**. Public reporting and GitHub advisory coverage describe the flaw as a sandbox escape that can be triggered without credentials or user interaction, creating a path to full host takeover when applications use the library to process untrusted JavaScript. The bug stems from improper exposure of internal callback functionality during function property access, including **`caller`**, **`callee`**, and **`arguments`**, enabling attackers to recover the host **`Function`** constructor and run arbitrary JavaScript or system commands. Separate advisory reporting also describes a sandbox escape caused by a **TOCTOU** bug in key handling during property access, underscoring broader weaknesses in the package's isolation model. Maintainers released **`0.9.6`** to block access to the dangerous properties, and organizations using SandboxJS are being urged to upgrade immediately or stop executing untrusted code with the library.
Jun 29, 2026
SandboxJS Sandbox Escape via Host Prototype Pollution (CVE-2026-25881)
**CVE-2026-25881** is a critical sandbox-escape flaw in *SandboxJS* (`@nyariv/sandboxjs`) that allows sandboxed JavaScript to **mutate host built-in prototypes** (e.g., `Map.prototype`, `Set.prototype`) and cause persistent **host-side prototype pollution**. The issue stems from SandboxJS’s `isGlobal` protection mechanism: when a global prototype reference is placed into an **array literal** and then retrieved, the `isGlobal` “taint” is stripped, enabling direct prototype mutation from within the sandbox. The vulnerability affects versions **prior to 0.8.31** and is fixed in **0.8.31**; CVSS v3.1 is reported as `AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H` and the weakness is mapped to **CWE-1321**. Public reporting indicates a working **proof-of-concept (PoC)** is available demonstrating multiple exploitation scenarios, including adding attacker-controlled properties to host prototypes and overwriting built-in functions. While the sandbox escape itself is the core impact, **remote code execution is application-dependent**: if the host application later uses polluted properties in sensitive sinks (example gadget: `execSync(obj.cmd)`), an attacker can potentially execute system commands (e.g., `id`). Organizations using SandboxJS to run untrusted code should prioritize upgrading to **0.8.31** and review host code paths for dangerous use of object properties that could be influenced via prototype pollution.
Jun 29, 2026