Product Details
Product Name: SandboxJS
Product Type: JavaScript Sandbox / Code Isolation Framework
Affected Component: Sandbox Execution Engine
Vulnerability Class: Sandbox Escape leading to Arbitrary Code Execution
Attack Vector: Remote
Authentication Required: None
SandboxJS is commonly deployed to execute untrusted or user-controlled JavaScript code in a restricted environment. The vulnerabilities described below allow crafted JavaScript payloads to escape the sandbox boundary and execute code in the underlying host runtime.
Vulnerability Overview
Multiple critical sandbox escape vulnerabilities were identified in SandboxJS. Due to weaknesses in prototype isolation, error handling, and global context separation, sandbox restrictions could be bypassed. Once exploited, arbitrary JavaScript execution was achieved in the host context, effectively nullifying the security guarantees of the sandbox.
Successful exploitation resulted in:
- Full sandbox escape
- Execution of arbitrary host-level JavaScript
- Potential system command execution depending on runtime configuration
- Data exposure and privilege escalation
Affected CVEs Summary
| CVE ID | CVSS Score | Severity | Exploitability | Exploit Availability |
|---|---|---|---|---|
| CVE-2026-25587 | 9.8 | Critical | Network exploitable, low complexity | Educational PoC feasible |
| CVE-2026-25586 | 9.6 | Critical | Network exploitable, no auth | Educational PoC feasible |
| CVE-2026-25520 | 9.1 | Critical | Network exploitable | Limited educational PoC |
CVE-2026-25587 – Prototype Chain Sandbox Escape
Description
Improper protection of JavaScript prototype chains was observed within the SandboxJS execution environment. Core JavaScript objects were not fully sealed or frozen, allowing inherited properties to be modified from within the sandbox.
By abusing prototype inheritance, access to restricted constructors was obtained, leading to arbitrary code execution outside the sandbox boundary.
Impact
- Sandbox isolation was fully bypassed
- Arbitrary JavaScript executed in the host context
- Potential execution of system-level commands
Attack Scenario
A malicious JavaScript payload was supplied to the sandbox that altered prototype properties of trusted objects. Through prototype traversal, access to restricted constructors was achieved. Execution context escalation followed, resulting in host-level execution.
Exploit Availability
Proof-of-concept exploitation is considered available for educational and research purposes only. The attack does not require authentication and can be performed remotely where untrusted scripts are accepted.
CVE-2026-25586 – Error Object Handling Sandbox Escape
Description
SandboxJS exposed internal runtime references through improperly sanitized error objects. When controlled exceptions were triggered, detailed stack traces and internal object references were leaked to the sandboxed code.
These leaked references enabled reconstruction of restricted execution paths, allowing re-entry into privileged runtime layers.
Impact
- Exposure of internal runtime objects
- Sandbox boundary bypass
- Arbitrary code execution
Attack Scenario
Repeated and controlled runtime errors were triggered within the sandbox. Stack traces returned internal execution references that were reused to regain access to restricted runtime functions.
Exploit Availability
Educational proof-of-concept exploitation is considered feasible. The attack relies on predictable error behavior and requires no authentication.
CVE-2026-25520 – Global Execution Context Leakage
Description
Improper separation of global execution contexts was identified in SandboxJS. Variable resolution and scope handling flaws allowed sandboxed code to reference objects from the host global context.
This resulted in access to APIs and objects that should have remained inaccessible.
Impact
- Unauthorized access to host global objects
- Privilege boundary violation
- Arbitrary code execution
Attack Scenario
A crafted payload manipulated scope resolution logic, causing variable lookups to resolve against the host global context rather than the sandbox context.
Exploit Availability
Limited educational proof-of-concept exploitation is possible. Successful exploitation depends on runtime configuration and exposed globals.
Detection
Indicators of Compromise
- Unexpected modification of JavaScript prototypes
- Abnormal use of constructor, Function, or dynamic evaluation
- Repeated intentional runtime errors from sandboxed scripts
- Sandbox processes spawning unexpected child processes
Log Sources
- Application execution logs
- JavaScript runtime logs
- Error and exception logs
- Operating system process creation logs
- Endpoint detection telemetry
Detection Rules
Suspicious Prototype Manipulation
SELECT *
FROM application_logs
WHERE message LIKE '%__proto__%'
OR message LIKE '%prototype%'
OR message LIKE '%constructor%'
Abnormal Dynamic Code Execution
SELECT *
FROM runtime_logs
WHERE function_name IN ('Function', 'eval')
AND execution_context = 'sandbox'
Excessive Sandbox Error Generation
SELECT COUNT(*), source_ip
FROM error_logs
WHERE application = 'SandboxJS'
GROUP BY source_ip
HAVING COUNT(*) > 50
Sandbox Process Spawning System Binaries
SELECT *
FROM process_creation_logs
WHERE parent_process = 'sandboxjs'
AND process_name NOT IN ('node', 'sandbox-runtime')
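The four detection rules above, implemented over constructed log records so they can be run offline against a log export. This is an added example, not code from the SandboxJS project or this advisory; the field names (message, function_name, execution_context, source_ip, parent_process, process_name) are assumed to match the columns used in the queries.

```javascript
const PROTOTYPE_PATTERNS = ['__proto__', 'prototype', 'constructor'];
const DYNAMIC_CODE_FUNCTIONS = new Set(['Function', 'eval']);
const ALLOWED_CHILD_PROCESSES = new Set(['node', 'sandbox-runtime']);
const ERROR_THRESHOLD = 50; // HAVING COUNT(*) > 50 in the query above

// Rule 1 (application_logs): substring match like LIKE '%...%'; legitimate
// code that mentions "prototype" also fires, so treat hits as low confidence.
function suspiciousPrototypeManipulation(applicationLogs) {
  return applicationLogs.filter((rec) =>
    PROTOTYPE_PATTERNS.some((p) => rec.message.includes(p)));
}

// Rule 2 (runtime_logs): Function/eval invoked from the sandbox context.
function abnormalDynamicCodeExecution(runtimeLogs) {
  return runtimeLogs.filter((rec) =>
    DYNAMIC_CODE_FUNCTIONS.has(rec.function_name) &&
    rec.execution_context === 'sandbox');
}

// Rule 3 (error_logs): SandboxJS errors per source_ip, above the threshold.
function excessiveSandboxErrors(errorLogs) {
  const counts = new Map();
  for (const rec of errorLogs) {
    if (rec.application !== 'SandboxJS') continue;
    counts.set(rec.source_ip, (counts.get(rec.source_ip) || 0) + 1);
  }
  return [...counts]
    .filter(([, n]) => n > ERROR_THRESHOLD)
    .map(([source_ip, count]) => ({ source_ip, count }));
}

// Rule 4 (process_creation_logs): sandbox parent, child not on the allowlist.
function sandboxSpawnedSystemBinary(processLogs) {
  return processLogs.filter((rec) =>
    rec.parent_process === 'sandboxjs' &&
    !ALLOWED_CHILD_PROCESSES.has(rec.process_name));
}

// Constructed sample records (not real telemetry): exactly one hit per rule.
const SAMPLE_LOGS = {
  application_logs: [{ message: 'script compiled cleanly' },
    { message: 'assignment to __proto__ on shared helper object' }],
  runtime_logs: [{ function_name: 'Function', execution_context: 'sandbox' },
    { function_name: 'Function', execution_context: 'host' }],
  error_logs: Array.from({ length: 51 }, () =>
    ({ application: 'SandboxJS', source_ip: '203.0.113.7' })),
  process_creation_logs: [{ parent_process: 'sandboxjs', process_name: 'node' },
    { parent_process: 'sandboxjs', process_name: 'sh' }],
};
```

Rule 3 uses a fixed count, so a busy tenant can trip it on its own; scope the threshold per time window before alerting on it.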
Mitigation
- Immediate upgrade to the patched SandboxJS version
- Disable execution of untrusted scripts until patching is completed
- Restrict dynamic code execution where possible
- Enable enhanced logging and runtime monitoring
Official Patch / Upgrade Information
Only official vendor-provided updates should be applied.
Official Patch and Upgrade Page:
https://github.com/sandboxjs/sandboxjs/releases
Final Takeaway
These vulnerabilities represent a complete breakdown of sandbox isolation. Any environment relying on SandboxJS for security boundaries is considered at critical risk until patched. Immediate remediation is strongly advised.
