CVE-2026-25881 — AI Deep Analysis Summary

🚨 **Essence**: SandboxJS < 0.8.31 suffers from a **Sandbox Escape** via **Prototype Pollution**. 📉 **Consequences**: Attackers can pollute host built-in prototypes, leading to **Remote Code Execution (RCE)**.…

🛡️ **CWE**: CWE-1321 (Prototype Pollution). 🔍 **Flaw**: The sandbox allows code to use **array literals** as intermediaries to pollute the global prototype chain, bypassing intended security restrictions.

👥 **Vendor**: nyariv. 📦 **Product**: SandboxJS. ⚠️ **Affected**: Versions **prior to 0.8.31**. If you are running an older version, you are vulnerable.

💀 **Privileges**: Full **Remote Code Execution (RCE)**. 📂 **Data**: High impact on Confidentiality, Integrity, and Availability (CVSS: H/H/H). Hackers can execute arbitrary commands on the host system.

🔓 **Auth**: None required (PR:N). 🌐 **Access**: Network accessible (AV:N). 🧠 **Complexity**: High (AC:H).…

🚫 **Public Exploit**: No public PoC or wild exploitation detected in the provided data. 📝 **Status**: References point to GitHub commits/advisories, but no active exploit kit is listed.

🔍 **Check**: Scan for **SandboxJS** installations. 📊 **Version**: Verify if the version is **< 0.8.31**. Look for usage of array literal injection patterns in sandboxed environments.

✅ **Fixed**: Yes. 🛠️ **Patch**: Update to **SandboxJS 0.8.31** or later. 📎 **Source**: See GitHub commit `f369f8d` and GHSA advisory `ww7g-4gwx-m7wj` for official fixes.

🚧 **Workaround**: If patching is impossible, **disable** the SandboxJS service or restrict network access to it immediately. 🛑 Isolate the host to prevent prototype pollution from affecting critical systems.

🔥 **Urgency**: **HIGH**. Despite High Complexity, the impact is **RCE** with **No Auth**. Once patched, prioritize this update to prevent potential zero-day exploitation by skilled attackers.