CVE-2026-24002
Remote Code Execution via Insecure Pyodide Sandbox in Grist

Publication date: 2026-01-22

Last updated on: 2026-02-17

Assigner: GitHub, Inc.

Description
Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-01-22
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Vendor: getgrist
Product: grist-core
Version range: before 1.7.9 (1.7.9 excluded)
CWE
CWE-74: The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in Grist spreadsheet software when using the 'pyodide' sandbox flavor to run Python formulas. Pyodide on Node.js does not provide an effective sandbox barrier, so if a user sets the environment variable GRIST_SANDBOX_FLAVOR to 'pyodide' and opens a malicious document, that document can execute arbitrary processes on the server hosting Grist. This allows an attacker to run unauthorized code on the server. The issue was fixed in Grist version 1.7.9 by running Pyodide under Deno, which provides a secure sandbox. As a workaround, users can switch to the gVisor-based sandbox by setting GRIST_SANDBOX_FLAVOR to 'gvisor'. [2]


How can this vulnerability impact me?

This vulnerability can have severe impacts including unauthorized execution of arbitrary processes on the server hosting Grist. This can lead to unauthorized data access, data modification, and disruption of system availability. Since the vulnerability allows remote exploitation without any privileges or user interaction, it poses a critical risk to the confidentiality, integrity, and availability of the system and data. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can focus on checking the environment variable GRIST_SANDBOX_FLAVOR to see if it is set to 'pyodide', which indicates the vulnerable sandbox configuration. Additionally, monitoring for unexpected process executions originating from Grist server processes could indicate exploitation attempts. Since Grist is typically run in Docker containers, you can inspect the container environment variables with commands like `docker exec <container_id> printenv | grep GRIST_SANDBOX_FLAVOR`. Also, reviewing the Grist version with `docker exec <container_id> grist --version`, or checking the deployed version by other means, can help identify whether it is prior to 1.7.9, which is vulnerable. [1, 2]
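An added check, not part of the advisory or the Grist project, that combines the two facts above (sandbox flavor and version) into a single verdict. The `check_container` wrapper assumes Docker is available and that `grist --version`, the command suggested above, prints a dotted version number; the classification function itself runs offline.

```shell
#!/bin/sh
# Added example (not from the advisory or the Grist project): decide whether a
# Grist deployment is exposed to CVE-2026-24002. Exposure needs BOTH conditions
# from the advisory: GRIST_SANDBOX_FLAVOR=pyodide and a version before 1.7.9.

# version_lt A B: succeed when dotted version A sorts numerically before B.
version_lt() {
  [ "$1" = "$2" ] && return 1
  first=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
  [ "$first" = "$1" ]
}

# grist_cve_2026_24002_status FLAVOR VERSION
# Prints VULNERABLE, FIXED, NOT_EXPOSED or UNKNOWN.
grist_cve_2026_24002_status() {
  flavor=$1
  version=$2
  if [ "$flavor" != "pyodide" ]; then
    # gvisor (the advisory's workaround) or any other flavor: not this bug.
    echo NOT_EXPOSED
  elif [ -z "$version" ]; then
    # flavor is pyodide but the version could not be read: needs manual review.
    echo UNKNOWN
  elif version_lt "$version" "1.7.9"; then
    echo VULNERABLE
  else
    echo FIXED
  fi
}

# check_container CONTAINER_ID: gather both facts from a running container.
# Assumption: docker is on PATH and `grist --version` (the command the
# detection answer suggests) prints a dotted version somewhere in its output.
check_container() {
  cid=$1
  flavor=$(docker exec "$cid" printenv GRIST_SANDBOX_FLAVOR 2>/dev/null)
  version=$(docker exec "$cid" grist --version 2>/dev/null \
    | sed -n 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1)
  grist_cve_2026_24002_status "$flavor" "$version"
}
```

Run `check_container <container_id>` for each Grist container; only a deployment that both uses the pyodide flavor and runs a version before 1.7.9 is reported as VULNERABLE.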


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading Grist to version 1.7.9 or later, where the vulnerability is fixed by running Pyodide under Deno. If upgrading is not immediately possible, change the sandboxing method by setting the environment variable GRIST_SANDBOX_FLAVOR to 'gvisor' to use the gVisor-based sandbox, which provides secure isolation. Ensure that the container and server environment are configured to support sandboxing properly, including enabling the SYS_PTRACE capability if required. Also, review and restrict access to the Grist server to trusted users and networks to reduce risk. [1, 2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability allows execution of arbitrary processes on the server hosting Grist, potentially leading to unauthorized access, modification, or disruption of sensitive data. Such impacts on confidentiality, integrity, and availability could result in non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and ensuring system integrity and availability. [2]

