securityonline.info 2/11/2026, 1:15:48 AM · via preferred

Sandbox Breakout: Critical SandboxJS Flaw (CVE-2026-25881) Allows Host Takeover


A critical vulnerability in SandboxJS, tracked as CVE-2026-25881, was disclosed on 11 February 2026 and could allow a malicious script to escape the sandbox and modify the host application's core logic, potentially enabling Remote Code Execution. The flaw centres on bypassing the sandbox’s isGlobal protection by laundering the taint through an array, allowing sandboxed code to mutate host built-in prototypes.

According to the security advisory, the polluted prototypes can give an attacker persistent host-side prototype pollution and may enable RCE in applications that rely on polluted properties in sensitive sinks, with an example gadget being execSync(obj.cmd). The issue affects SandboxJS versions prior to 0.8.31, and the maintainers note that it has been fixed in 0.8.31, urging developers to upgrade immediately to mitigate full compromise risk for untrusted code.
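The sketch below is an added example, not code from SandboxJS or the advisory. It shows two host-side defences for the gadget pattern described above: an integrity check of built-in prototypes around untrusted execution, and a sink input read that ignores inherited properties. All function names are hypothetical, and the pollution is simulated with a constructed value rather than a sandbox escape.

```javascript
// Added example; every function name here is hypothetical.
const BUILTINS = { Object, Array, Function, String, Number, Promise, Map, Set };

// Record own property descriptors of each built-in prototype before untrusted code runs.
// Maps are used so lookups never fall through to a polluted Object.prototype.
function snapshotBuiltins() {
  const snap = new Map();
  for (const [name, ctor] of Object.entries(BUILTINS)) {
    const props = new Map();
    for (const key of Reflect.ownKeys(ctor.prototype)) {
      props.set(key, Object.getOwnPropertyDescriptor(ctor.prototype, key));
    }
    snap.set(name, props);
  }
  return snap;
}

// Report properties added to, or replaced on, a built-in prototype since the snapshot.
function findPollution(snap) {
  const findings = [];
  for (const [name, ctor] of Object.entries(BUILTINS)) {
    for (const key of Reflect.ownKeys(ctor.prototype)) {
      const now = Object.getOwnPropertyDescriptor(ctor.prototype, key);
      const was = snap.get(name).get(key);
      const label = `${name}.prototype.${String(key)}`;
      if (!was) findings.push(`${label} added`);
      else if (!Object.is(was.value, now.value) || was.get !== now.get || was.set !== now.set)
        findings.push(`${label} replaced`);
    }
  }
  return findings;
}

// Naive sink input: a plain property read also returns inherited (polluted) values.
function readCmdNaive(obj) { return obj.cmd; }

// Hardened read: only an own string property is accepted.
function readCmdOwn(obj) {
  return Object.hasOwn(obj, 'cmd') && typeof obj.cmd === 'string' ? obj.cmd : null;
}

function demo() {
  const snap = snapshotBuiltins();
  // Constructed stand-in for the effect of a sandbox escape; no sandbox is involved here.
  Object.prototype.cmd = 'constructed-sample-value';
  try {
    const options = {}; // host object that never set "cmd" itself
    return { naive: readCmdNaive(options), hardened: readCmdOwn(options), findings: findPollution(snap) };
  } finally {
    delete Object.prototype.cmd; // restore the host for the rest of the process
  }
}
```

A non-empty result from findPollution after a sandboxed run is a signal to discard the process, since the advisory describes the pollution as persistent on the host side.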


Article by CyberSIXT