Cyber Resilience

CVE-2026-5752

Critical

Published: 14 April 2026

Published
14 April 2026
Modified
21 April 2026
KEV Added
Patch
CVSS Score v3.1 9.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0021 11.0th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2026-5752 is a critical-severity an unspecified weakness vulnerability. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 11.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SC-39 (Process Isolation).

Deeper analysis

CVE-2026-5752, published on 2026-04-14, is a sandbox escape vulnerability in Terrarium that enables arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal. The affected software is Terrarium, an open-source project maintained by Cohere AI and available at https://github.com/cohere-ai/cohere-terrarium.

The vulnerability carries a CVSS v3.1 base score of 9.3 (AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating low attack complexity, local access vector, no required privileges or user interaction, and high impacts across confidentiality, integrity, availability, with a change in scope. A local attacker can exploit it to escape the sandbox and execute arbitrary code at root level on the host process.

Advisories and additional details are available from CERT at https://kb.cert.org/vuls/id/414811 and the project's GitHub repository at https://github.com/cohere-ai/cohere-terrarium.

EU & UK References

Vulnerability details

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.

CWE(s)
None listed

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1611 Escape to Host Privilege Escalation
Adversaries may break out of a container or virtualized environment to gain access to the underlying host.
Why these techniques?

Sandbox escape via JS prototype chain traversal directly enables arbitrary code execution as root on the host, mapping to exploitation for privilege escalation and escape to host.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mitigates CVE-2026-5752 by requiring timely remediation of the specific sandbox escape flaw in Terrarium through patching or updates.

prevent

Enforces process isolation to prevent JavaScript prototype chain traversal from escaping the sandbox and accessing the root-privileged host process.

prevent

Limits privileges of the Terrarium host process to least required, preventing arbitrary code execution from gaining full root impact even if sandbox escape succeeds.

References