CVE-2026-43898
Status: Undergoing Analysis - In Progress
Sandbox Bypass in SandboxJS via Function.caller Exposure

Publication date: 2026-05-28

Last updated on: 2026-05-28

Assigner: GitHub, Inc.

Description
SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-controlled fake context and obj values to extract blocked host statics, recover the real host Function constructor, and execute arbitrary host JavaScript. This vulnerability is fixed in 0.9.6.
Meta Information
Published: 2026-05-28
Last Modified: 2026-05-28
Generated: 2026-05-29
AI Q&A: 2026-05-28
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: nyariv
Product: sandboxjs
Version / Range: all versions up to 0.9.6 (0.9.6 excluded, i.e. 0.9.5 and earlier)
CWE
CWE-94 (Improper Control of Generation of Code, "Code Injection"): The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-43898 is a critical vulnerability in SandboxJS, a JavaScript sandboxing library. Prior to version 0.9.6, sandbox-defined functions expose the Function.caller property, which allows sandboxed code to access an internal LispType.Call runtime callback. This callback can be invoked with attacker-controlled context and object values, enabling the attacker to extract blocked host statics, recover the real host Function constructor, and execute arbitrary JavaScript code on the host.

The root cause is improper property access logic in the CommonJS build, which allows sandboxed code to read Function.caller and thereby observe the host-side callback that invoked the sandbox function. That callback accepts its parameters without validating where they came from, so forged operands supplied by sandboxed code can invoke internal primitives.


How can this vulnerability impact me?

This vulnerability allows an attacker to escape the sandbox environment and execute arbitrary JavaScript code on the host system. This can lead to a complete compromise of the host environment, including unauthorized access to sensitive data, execution of malicious commands, and full control over the affected system.

The CVSS v3.1 base score is 10.0, indicating critical severity with impacts on confidentiality, integrity, and availability. The attack requires no privileges or user interaction and can be performed remotely over the network.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection of this vulnerability involves checking whether the SandboxJS version in use is prior to 0.9.6: versions 0.9.5 and earlier are vulnerable, 0.9.6 and later are fixed.

Since the vulnerability allows sandboxed code to access the Function.caller property and execute arbitrary host JavaScript, one way to detect exploitation attempts is to monitor for unusual or unauthorized JavaScript execution within sandboxed environments.

There are no specific commands provided in the resources to detect this vulnerability directly on a network or system.


What immediate steps should I take to mitigate this vulnerability?

The primary mitigation step is to upgrade SandboxJS to version 0.9.6 or later, where this vulnerability is fixed.

The fix involves restricting access to the Function.caller, callee, and arguments properties within the sandbox, preventing sandboxed code from exploiting the internal LispType.Call runtime callback.

If upgrading immediately is not possible, consider restricting or monitoring the execution of sandboxed JavaScript code to detect and prevent exploitation attempts.
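To make the shape of the fix described above concrete, here is an added example (illustrative code, not the SandboxJS implementation) of a membrane that refuses to hand the caller, callee and arguments properties of a host function across a sandbox boundary. The function names and the sandbox/host roles are assumed for the illustration; a real sandbox would apply the same deny-list in its central property-access path rather than wrapping functions one by one.

```javascript
// Added example: deny-list membrane for function introspection properties.
// Not SandboxJS code; the names exposeToSandbox/callerIsReadable are illustrative.
const BLOCKED_FUNCTION_PROPS = new Set(["caller", "callee", "arguments"]);

// Wrap a host function before exposing it to untrusted code so that reads of
// the blocked names throw instead of revealing the host frame that called it.
// Calls pass straight through to the target (a Proxy of a function is callable).
function exposeToSandbox(hostFn) {
  if (typeof hostFn !== "function") throw new TypeError("expected a function");
  return new Proxy(hostFn, {
    get(target, prop, receiver) {
      if (typeof prop === "string" && BLOCKED_FUNCTION_PROPS.has(prop)) {
        throw new TypeError(`access to Function.${prop} is not permitted in the sandbox`);
      }
      return Reflect.get(target, prop, receiver);
    },
  });
}

// Defensive self-check: does reading fn.caller succeed? true means the
// property is readable and could reveal the calling host function.
// Strict-mode functions already throw here; sloppy-mode functions do not.
function callerIsReadable(fn) {
  try {
    void fn.caller;
    return true;
  } catch (e) {
    return false;
  }
}

// Usage (illustrative host callback given to sandboxed code):
function hostAdd(a, b) {
  return a + b;
}
const sandboxAdd = exposeToSandbox(hostAdd);
// sandboxAdd(2, 3) still returns 5; sandboxAdd.caller throws a TypeError.
```

Two points worth noting for anyone auditing a sandbox: functions defined in strict mode (`'use strict'` or ES modules) already throw on `.caller` and `.arguments`, so the exposure only arises for sloppy-mode functions or for values the sandbox synthesises itself; and the deny-list must be enforced at every property-access path the sandbox offers, including computed access such as `fn["cal" + "ler"]`, which is why a central check on the property name (as above) is preferable to rewriting source text.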


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in SandboxJS allows arbitrary code execution by escaping the sandbox, which can lead to unauthorized access to sensitive data and system resources. This poses significant risks to confidentiality, integrity, and availability of data.

Such unauthorized access and potential data breaches can impact compliance with common standards and regulations like GDPR and HIPAA, which require strict controls to protect personal and sensitive information from unauthorized access and disclosure.

Therefore, if exploited, this vulnerability could lead to violations of these regulations due to compromised data security and privacy.

