CVE-2026-25587 in SandboxJS
Summary
by MITRE • 02/06/2026
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, as Map is in SAFE_PROTOYPES, its prototype can be obtained via Map.prototype. By overwriting Map.prototype.has the sandbox can be escaped. This vulnerability is fixed in 0.8.29.
Analysis
by VulDB Data Team • 02/07/2026
The vulnerability identified as CVE-2026-25587 affects SandboxJS, a JavaScript sandboxing library designed to provide isolated execution environments for untrusted code. This security flaw represents a critical prototype pollution vulnerability that undermines the fundamental security model of the sandboxing mechanism. The issue stems from the library's handling of the Map prototype within its SAFE_PROTOYPES configuration, creating an exploitable pathway for malicious actors to escape the intended sandbox boundaries.
The technical flaw is that, because Map is listed in SAFE_PROTOYPES, sandboxed code can reach the shared Map.prototype object through Map.prototype and modify it directly. Specifically, by overwriting Map.prototype.has, an attacker changes the behavior of the has method that the sandboxing mechanism itself relies on. This prototype pollution attack leverages the fact that JavaScript's prototype chain inheritance propagates such a modification to every object inheriting from that prototype, effectively breaking the sandbox isolation. The vulnerability is classified under CWE-471 as "Modification of Externally-Controlled Pointer or Reference," where the prototype reference becomes externally controlled through improper access restrictions.
The operational impact of this vulnerability is severe as it completely defeats the purpose of sandboxing by enabling arbitrary code execution outside the intended secure environment. An attacker who successfully exploits this vulnerability can execute malicious JavaScript code with the same privileges as the sandboxed environment, potentially leading to data exfiltration, privilege escalation, or further system compromise. The attack vector is particularly concerning because it requires minimal privileges to execute and can be automated, making it attractive to threat actors seeking to bypass security controls in applications that rely on SandboxJS for code isolation.
The fix implemented in version 0.8.29 addresses this vulnerability by properly restricting access to prototype objects and implementing stricter validation of prototype modifications within the sandboxing context. This mitigation aligns with ATT&CK technique T1059.007 (JavaScript) and ATT&CK technique T1555.001 (credentials from password storage components), as it prevents unauthorized modifications to core JavaScript objects that could be leveraged for privilege escalation or credential theft. Organizations using SandboxJS should upgrade to version 0.8.29 or later without delay, as the prototype pollution attack can be executed through simple JavaScript code that modifies the Map prototype's has method. The vulnerability demonstrates the critical importance of proper prototype access controls in sandboxing implementations and highlights the need for comprehensive security testing of JavaScript sandboxing libraries against prototype pollution attacks.
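The following is an added example, not code from SandboxJS or from the advisory, showing the general failure mode the analysis describes and a host-side hardening for it. The allow-list check, the function names (naiveIsAllowed, hardenedIsAllowed, prototypeTampered, simulate) and the scenario are hypothetical. The point is that any host code which calls a built-in method through the prototype at call time (allowList.has(name)) is decided by whatever currently sits on Map.prototype.has, whereas a reference to the genuine method captured before untrusted code runs is not affected by later prototype edits. A simple integrity check against that captured reference also gives a detection signal.

```javascript
// Added example (not SandboxJS code): a host-side allow-list check that keeps
// working even if sandboxed code overwrites Map.prototype.has. The allow-list
// shape and function names are hypothetical and illustrate the pattern only.

// 1. Capture the genuine built-ins at load time, before any untrusted code runs.
//    uncurry(f) returns (thisArg, ...args) => f.call(thisArg, ...args), bound to
//    the ORIGINAL function object, so later prototype edits cannot redirect it.
const uncurry = Function.prototype.bind.bind(Function.prototype.call);
const mapHas = uncurry(Map.prototype.has);
const GENUINE_MAP_HAS = Map.prototype.has;

// 2a. Vulnerable pattern: `has` is looked up on Map.prototype at call time, so a
//     polluted prototype decides what the allow-list check returns.
function naiveIsAllowed(allowList, name) {
  return allowList.has(name);
}

// 2b. Hardened pattern: call the captured original, bypassing the prototype lookup.
function hardenedIsAllowed(allowList, name) {
  return mapHas(allowList, name);
}

// 3. Integrity check: detect that the shared prototype has been tampered with.
function prototypeTampered() {
  return Map.prototype.has !== GENUINE_MAP_HAS;
}

// 4. Constructed scenario: code that reached Map.prototype replaces `has` with a
//    function that always returns true, then the host runs its check with that
//    prototype in place. The genuine descriptor is restored afterwards so the
//    process is left clean.
function simulate(check) {
  const allowList = new Map([["console", true]]); // constructed allow-list
  const saved = Object.getOwnPropertyDescriptor(Map.prototype, "has");
  try {
    Object.defineProperty(Map.prototype, "has", {
      value: () => true,
      writable: true,
      configurable: true,
    });
    return {
      legitAllowed: check(allowList, "console"),    // should be true
      forbiddenAllowed: check(allowList, "process"), // must be false
      tampered: prototypeTampered(),                 // true while polluted
    };
  } finally {
    Object.defineProperty(Map.prototype, "has", saved);
  }
}

// 5. Run both checks under the same polluted prototype and report.
function demo() {
  const naive = simulate(naiveIsAllowed);
  const hardened = simulate(hardenedIsAllowed);
  console.log("naive    :", naive);    // forbiddenAllowed: true  (escape)
  console.log("hardened :", hardened); // forbiddenAllowed: false (held)
  console.log("clean now:", !prototypeTampered());
  return { naive, hardened };
}
```

The hardened check complements, rather than replaces, the fix the analysis describes: the sandbox should not hand untrusted code a reference to the host's Map.prototype in the first place, and any host code that must consult built-ins while untrusted code can run should use captured originals (or Reflect.apply on them) instead of method calls that resolve through the prototype. A periodic call to prototypeTampered() on the intrinsics the host depends on is a cheap way to surface pollution in logs before it turns into an escape.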