CVE-2026-25586
Published: 06 February 2026
Summary
CVE-2026-25586 is a critical-severity Injection (CWE-74) vulnerability in Nyariv Sandboxjs. Its CVSS base score is 10.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 9.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SC-50 (Software-enforced Separation and Policy Enforcement).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Flaw remediation: directly mitigates the sandbox escape by requiring timely remediation of the specific flaw in SandboxJS versions prior to 0.8.29.
- AC-25 (Reference Monitor): requires a tamperproof reference monitor that enforces property-access policies, countering the hasOwnProperty shadowing bypass in the sandbox's property-access path.
- SC-50 (Software-enforced Separation and Policy Enforcement): mandates software-enforced separation mechanisms that prevent prototype pollution and cross-sandbox impact from unauthorized property access.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Sandbox escape via prototype pollution directly enables privilege escalation (T1068) from restricted JS environment to host; attacker-supplied malicious JavaScript (T1059.007) is the vector that bypasses isolation for RCE.
NVD Description
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, a sandbox escape is possible by shadowing hasOwnProperty on a sandbox object, which disables prototype whitelist enforcement in the property-access path. This permits direct access to __proto__ and other blocked prototype properties, enabling host Object.prototype pollution and persistent cross-sandbox impact. This vulnerability is fixed in 0.8.29.
Deeper analysis
CVE-2026-25586 is a critical sandbox escape vulnerability in SandboxJS, an open-source JavaScript sandboxing library. Versions prior to 0.8.29 are affected, where an attacker can shadow the hasOwnProperty method on a sandbox object. This action disables prototype whitelist enforcement during property access, allowing direct access to blocked prototype properties such as __proto__. Consequently, this enables host Object.prototype pollution and persistent impact across multiple sandboxes. The vulnerability carries a CVSS v3.1 base score of 10.0 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) and is associated with CWE-74.
Remote attackers can exploit this vulnerability over the network with low complexity, requiring no privileges, authentication, or user interaction. By executing malicious JavaScript code within a sandboxed environment, they can bypass isolation controls, pollute the host Object.prototype, and achieve persistent effects that propagate across sandboxes. The result is a high-impact compromise of confidentiality, integrity, and availability with a changed scope, potentially leading to full code execution on the host environment.
The vulnerability was fixed in SandboxJS version 0.8.29, as detailed in the project's GitHub security advisory (GHSA-jjpw-65fv-8g48) and the corresponding commit (67cb186c41c78c51464f70405504e8ef0a6e43c3). Security practitioners should update to 0.8.29 or later and review deployments using SandboxJS for exposure, particularly in web applications or Node.js environments relying on sandboxing for untrusted code execution.
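The mechanism described above, as an added example that models the weak ownership check beside its hardened form; this is illustrative code written for this page, not SandboxJS's own implementation. The property guard, the whitelist contents and the `protoLeaks` regression probe are assumptions; the hardened form uses the standard `Object.prototype.hasOwnProperty.call` idiom, and `prototypePollutionDelta` is a post-run integrity check for the cross-sandbox case.

```javascript
// Added example, not SandboxJS code. Models a sandbox property-access path:
// own properties are returned directly, inherited ones only if whitelisted.
const PROTO_WHITELIST = new Set(['toString', 'valueOf']); // assumed whitelist

// Weak ownership check: dispatches through the object, so an object that
// defines its own `hasOwnProperty` decides the answer itself.
function isOwnWeak(obj, key) {
  return obj.hasOwnProperty(key);
}

// Hardened check: calls the captured Object.prototype method, which a
// sandbox object cannot shadow (Object.hasOwn is the ES2022 equivalent).
const hasOwn = Object.prototype.hasOwnProperty;
function isOwnHardened(obj, key) {
  return hasOwn.call(obj, key);
}

// Property-access path; `isOwn` is the ownership check under test.
function guardedGet(obj, key, isOwn) {
  if (isOwn(obj, key)) return obj[key];
  if (PROTO_WHITELIST.has(key)) return obj[key];
  throw new Error(`access to inherited property "${key}" denied`);
}

// Regression probe: an object whose hasOwnProperty claims every key is own.
// Returns true if `__proto__` leaks through the guard with the given check.
function protoLeaks(isOwn) {
  const probe = { hasOwnProperty: () => true }; // constructed test object
  try {
    return guardedGet(probe, '__proto__', isOwn) === Object.prototype;
  } catch {
    return false;
  }
}

// Post-run integrity check for the "persistent cross-sandbox impact" case:
// lists any own key added to Object.prototype since the baseline snapshot.
const BASELINE = new Set(Reflect.ownKeys(Object.prototype));
function prototypePollutionDelta() {
  return Reflect.ownKeys(Object.prototype).filter((k) => !BASELINE.has(k));
}
```

Running `protoLeaks(isOwnWeak)` against a sandbox's guard in CI, and `prototypePollutionDelta()` after each untrusted run, turns the advisory's two failure modes into regression checks.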
Details
- CWE(s)