CVE-2026-25881: @nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)

February 10, 2026

A sandbox escape vulnerability allows sandboxed code to mutate host built-in prototypes by laundering the isGlobal protection flag through array literal intermediaries. When a global prototype reference (e.g., Map.prototype, Set.prototype) is placed into an array and retrieved, the isGlobal taint is stripped, permitting direct prototype mutation from within the sandbox. This results in persistent host-side prototype pollution and may enable RCE in applications that use polluted properties in sensitive sinks (example gadget: execSync(obj.cmd)).

References

github.com/advisories/GHSA-ww7g-4gwx-m7wj
github.com/nyariv/SandboxJS
github.com/nyariv/SandboxJS/commit/f369f8db26649f212a6a9a2e7a1624cb2f705b53
github.com/nyariv/SandboxJS/security/advisories/GHSA-ww7g-4gwx-m7wj
nvd.nist.gov/vuln/detail/CVE-2026-25881

Code Behaviors & Features

Detect and mitigate CVE-2026-25881 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →