CVE-2026-25142

10.0 CRITICAL
Published: February 02, 2026 Modified: February 18, 2026

Description

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SandboxJS does not properly restrict `__lookupGetter__`, which can be used to obtain prototypes, which in turn can be used to escape the sandbox and achieve remote code execution. This vulnerability is fixed in 0.8.27.

AI Explanation

### 1. Summary

A flaw in SandboxJS versions before 0.8.27 allows attackers to bypass sandbox restrictions using the `__lookupGetter__` method. This lets them access restricted object prototypes, escape the sandbox, and execute arbitrary code on the host system.

### 2. Affected Products

- **Product**: SandboxJS (JavaScript sandboxing library)
- **Affected Versions**: All versions prior to 0.8.27 (e.g., 0.8.26 and older).

### 3. Attacker Impact

- **Exploitation**: An attacker with the ability to run untrusted JavaScript inside the sandbox can:
  - Escape the sandbox environment.
  - Achieve **remote code execution (RCE)** on the underlying host system, potentially stealing data, installing malware, or taking full control.

### 4. Remediation Steps

- **Immediate Action**: Upgrade SandboxJS to **version 0.8.27 or later** (patched release).
- **Verification**: Confirm the upgrade via `npm list sandboxjs` or your package manager.
- **Mitigation**: If upgrading is delayed, restrict input to trusted sources and monitor for unusual sandbox behavior.

**CVSS Context**: Critical severity (10.0) due to easy exploitation and high impact (RCE).

**CWE-94**: Reflects improper code generation control, enabling sandbox bypass.

Generated: 2026-02-07 22:09
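
The verification step above looks at one package name; as an added example (not part of the original page or the SandboxJS project), this Node.js function scans a parsed package-lock.json for every installed copy older than 0.8.27, including nested ones. The package names it matches and the sample lockfile are assumptions constructed for illustration.

```javascript
// Added example (not SandboxJS project code): find SandboxJS copies in a parsed
// package-lock.json that are older than the fixed release named in the advisory.
const FIXED = [0, 8, 27];
// Assumed package names: unscoped as in the page's `npm list sandboxjs`,
// plus a scoped form under the vendor name listed on the page.
const NAMES = ['sandboxjs', '@nyariv/sandboxjs'];

// True when `version` sorts before 0.8.27. A pre-release of 0.8.27 itself
// (e.g. "0.8.27-rc.1") counts as unfixed; unparsable versions are flagged too.
function isVulnerable(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(String(version));
  if (!m) return true;
  const parts = [Number(m[1]), Number(m[2]), Number(m[3])];
  for (let i = 0; i < 3; i++) {
    if (parts[i] !== FIXED[i]) return parts[i] < FIXED[i];
  }
  return m[4] !== undefined;
}

// Walks lockfileVersion 2/3 ("packages" keyed by install path) and
// lockfileVersion 1 (nested "dependencies"), returning every vulnerable copy.
function findVulnerable(lock) {
  const hits = [];
  for (const [path, info] of Object.entries(lock.packages || {})) {
    const name = path.split('node_modules/').pop();
    if (NAMES.includes(name) && isVulnerable(info.version)) {
      hits.push({ path, version: info.version });
    }
  }
  const walk = (deps, prefix) => {
    for (const [name, info] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      if (NAMES.includes(name) && isVulnerable(info.version)) {
        hits.push({ path, version: info.version });
      }
      walk(info.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile (not from a real project).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/@nyariv/sandboxjs': { version: '0.8.27' },
    'node_modules/plugin-host/node_modules/@nyariv/sandboxjs': { version: '0.8.26' },
  },
};
console.log(findVulnerable(sampleLock));
```

To check a real project, pass the function `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`; an empty result means no copy older than 0.8.27 was found under the assumed names.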

CVSS v3.x Details

Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
10.0 / 10.0
EPSS (Exploit Probability)
0.2%
43rd percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

nyariv