CVE-2026-24002
Published: 22 January 2026
Summary
CVE-2026-24002 is a critical-severity Injection (CWE-74) vulnerability in Getgrist Grist-Core. Its CVSS base score is 9.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 7.2 percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SC-39 (Process Isolation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly mitigates the vulnerability by requiring timely remediation: patch to Grist version 1.7.9 or later, which fixes the pyodide sandbox escape by running pyodide under Deno.
- CM-6 (Configuration Settings): enforces a secure baseline configuration, such as setting GRIST_SANDBOX_FLAVOR to gvisor, so that the vulnerable pyodide-on-Node.js sandbox is not used.
- SC-39 (Process Isolation): requires process isolation so that untrusted Python formulas in a malicious Grist document cannot escape the sandbox and start arbitrary processes on the server.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Sandbox escape in public-facing Grist server enables remote arbitrary code execution via malicious Python formulas.
NVD Description
Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`.
Deeper analysis
CVE-2026-24002 is a sandbox escape vulnerability in Grist, open-source spreadsheet software that uses Python as its formula language. The issue affects the pyodide-based sandbox method when it runs on Node.js, where no effective isolation barrier exists. As a result, malicious Python formulas in an untrusted spreadsheet can execute arbitrary processes on the hosting server whenever the `GRIST_SANDBOX_FLAVOR` environment variable is set to `pyodide`. The vulnerability is rated at CVSS 9.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) and is associated with CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection').
An attacker can exploit this vulnerability by crafting a malicious Grist document containing Python formulas that escape the pyodide sandbox. Exploitation requires that the server be configured with `GRIST_SANDBOX_FLAVOR=pyodide` and that a Grist user or administrator open the document; the attack is network-based and needs no privileges, but its complexity is rated high because a targeted document must be crafted and opened. Successful exploitation grants arbitrary code execution on the server, resulting in high confidentiality, integrity, and availability impacts with a changed scope.
The Grist security advisory (GHSA-7xvx-8pf2-pv5g) and documentation confirm the issue is fixed in Grist version 1.7.9 and later by running pyodide under Deno for improved sandboxing. As a workaround, administrators should set `GRIST_SANDBOX_FLAVOR` to `gvisor` to use the gvisor-based sandbox instead.
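As an added example (not code from the Grist project or from this advisory), the following POSIX shell script turns the advisory's exposure conditions into a check an operator can run against a deployment's GRIST_SANDBOX_FLAVOR setting and Grist version. The GRIST_VERSION variable and the status words it prints are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not part of grist-core or the advisory: classify a Grist
# deployment's exposure to CVE-2026-24002 from the two facts the advisory
# turns on, the GRIST_SANDBOX_FLAVOR value and the running Grist version.

# version_lt A B: succeed (exit 0) when dotted version A is older than B.
# Each side is padded with ".0" components so "1.7" compares like "1.7.0";
# a suffix such as "-rc1" on a component is ignored.
version_lt() {
  _a="$1.0.0.0"; _b="$2.0.0.0"; _i=1
  while [ "$_i" -le 4 ]; do
    _x=$(printf '%s\n' "$_a" | cut -d. -f"$_i" | sed 's/[^0-9].*//')
    _y=$(printf '%s\n' "$_b" | cut -d. -f"$_i" | sed 's/[^0-9].*//')
    _x=${_x:-0}; _y=${_y:-0}
    [ "$_x" -lt "$_y" ] && return 0
    [ "$_x" -gt "$_y" ] && return 1
    _i=$((_i + 1))
  done
  return 1   # versions are equal
}

# grist_sandbox_status FLAVOR VERSION prints one word:
#   vulnerable  pyodide sandbox on a build older than the 1.7.9 fix
#   fixed       pyodide sandbox, but 1.7.9 and later run it under Deno
#   mitigated   gvisor sandbox, the advisory's recommended workaround
#   unset       no flavor configured; not covered by this advisory's analysis
#   other       some other flavor; not covered by this advisory's analysis
grist_sandbox_status() {
  case "$1" in
    pyodide)
      if version_lt "$2" 1.7.9; then echo vulnerable; else echo fixed; fi ;;
    gvisor) echo mitigated ;;
    "")     echo unset ;;
    *)      echo other ;;
  esac
}

# Usage from a deployment shell: the Grist version is taken from GRIST_VERSION,
# an assumed variable for illustration (read it from your image tag or
# package.json in practice).
if [ "$#" -eq 2 ]; then
  grist_sandbox_status "$1" "$2"
elif [ -n "${GRIST_VERSION:-}" ]; then
  grist_sandbox_status "${GRIST_SANDBOX_FLAVOR:-}" "$GRIST_VERSION"
fi
```

Run it as `sh check.sh "$GRIST_SANDBOX_FLAVOR" 1.7.8` on the host, or export GRIST_VERSION and run it with no arguments.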
Details
- CWE(s)