CVE-2026-5752
Published: 14 April 2026
Summary
CVE-2026-5752 is a critical-severity an unspecified weakness vulnerability. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 11.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SC-39 (Process Isolation).
Deeper analysis
CVE-2026-5752, published on 2026-04-14, is a sandbox escape vulnerability in Terrarium that enables arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal. The affected software is Terrarium, an open-source project maintained by Cohere AI and available at https://github.com/cohere-ai/cohere-terrarium.
The vulnerability carries a CVSS v3.1 base score of 9.3 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating low attack complexity, local access vector, no required privileges or user interaction, and high impacts across confidentiality, integrity, availability, with a change in scope. A local attacker can exploit it to escape the sandbox and execute arbitrary code at root level on the host process.
Advisories and additional details are available from CERT at https://kb.cert.org/vuls/id/414811 and the project's GitHub repository at https://github.com/cohere-ai/cohere-terrarium.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-22676
Vulnerability details
Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Sandbox escape via JS prototype chain traversal directly enables arbitrary code execution as root on the host, mapping to exploitation for privilege escalation and escape to host.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates CVE-2026-5752 by requiring timely remediation of the specific sandbox escape flaw in Terrarium through patching or updates.
Enforces process isolation to prevent JavaScript prototype chain traversal from escaping the sandbox and accessing the root-privileged host process.
Limits privileges of the Terrarium host process to least required, preventing arbitrary code execution from gaining full root impact even if sandbox escape succeeds.