CVE-2026-5752
CVE-2026-5752
9.3
CriticalPublished:
Last updated:
Source:cret@cert.org
Awaiting Analysis
CVSS Vector
v3.1- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Changed
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.
References
cret@cert.org
https://github.com/cohere-ai/cohere-terrariumcret@cert.org
https://kb.cert.org/vuls/id/414811af854a3a-2127-422b-91ae-364da2661108
https://www.kb.cert.org/vuls/id/414811