CVE-2026-5752 describes a critical sandbox escape vulnerability discovered in cohere-terrarium versions 1.0.0 through 1.0.1. This flaw enables an attacker to execute arbitrary code with root privileges on the host process, effectively bypassing the intended security boundaries of the Terrarium sandbox. The vulnerability stems from a JavaScript prototype chain traversal issue. A fix is available in version 1.0.2.
The impact of CVE-2026-5752 is severe. Successful exploitation allows an attacker to gain root-level access to the host system. This means they can execute arbitrary commands, install malware, steal sensitive data, and potentially compromise the entire system. The sandbox escape bypasses the intended isolation of Terrarium, making it a particularly dangerous vulnerability. Given the potential for root access, the blast radius extends to all resources accessible by the compromised host, including databases, file systems, and network connections. This vulnerability is analogous to other sandbox escape flaws where attackers leverage prototype pollution or similar techniques to break out of the constrained environment.
CVE-2026-5752 was publicly disclosed on 2026-04-14. A CVSS severity score has not yet been assigned. Currently, there are no publicly available proof-of-concept exploits, but the nature of the sandbox escape makes it likely that one will be developed. It is not currently listed on the CISA KEV catalog. Active campaigns exploiting this vulnerability are not yet confirmed, but the potential for remote code execution warrants immediate attention.
Organizations utilizing cohere-terrarium for sandboxing or code execution are at risk, particularly those relying on versions 1.0.0 through 1.0.1. Environments where Terrarium is used to execute untrusted code or process user-supplied data are especially vulnerable. Development teams using Terrarium for testing or experimentation should also prioritize patching.
• javascript / sandbox: Monitor for prototype chain modifications within the Terrarium sandbox. The snippet below is the page's simplified illustration of the kind of statement such monitoring should flag; it is not a working monitor and requires adaptation to the specific Terrarium implementation.

```javascript
// Monitor for prototype chain modifications within the Terrarium sandbox.
// This is a simplified example and requires adaptation to the specific Terrarium implementation.
// The statement below is the kind of prototype manipulation a monitor should flag.
Object.prototype.__proto__ = { malicious: 'code' };
```

• javascript / sandbox: Inspect JavaScript code for prototype manipulation attempts.
• javascript / sandbox: Review Terrarium configuration for overly permissive sandbox settings.
EPSS score: 0.03% (8th percentile)
The primary mitigation for CVE-2026-5752 is to immediately upgrade to version 1.0.2 of cohere-terrarium. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing stricter input validation and sanitization within the Terrarium environment to prevent prototype chain manipulation. While not a complete solution, this can reduce the attack surface. Monitor JavaScript execution within the Terrarium sandbox for unusual prototype modifications. Due to the nature of the vulnerability, WAF rules are unlikely to be effective without deep code analysis and modification. There are no specific Sigma or YARA rules available at this time.
Update to version 1.0.2 or later to fix the sandbox escape vulnerability. This update removes the ability to execute arbitrary code with root privileges by manipulating the JavaScript prototype chain.
CVE-2026-5752 is a sandbox escape vulnerability in cohere-terrarium versions 1.0.0–1.0.1, allowing attackers to execute arbitrary code with root privileges through JavaScript prototype chain traversal.
You are affected if you are using cohere-terrarium versions 1.0.0 through 1.0.1. Upgrade to version 1.0.2 or later to mitigate the risk.
Upgrade cohere-terrarium to version 1.0.2 or later. If immediate upgrade is not possible, implement stricter input validation and monitor sandbox execution.
While no active exploitation has been confirmed, the vulnerability's severity and potential for easy exploitation make it a likely target.
Refer to the official cohere-terrarium project website or security mailing list for the advisory related to CVE-2026-5752.