EXECUTIVE SUMMARY:
CVE-2026-43898, with a CVSS score of 10.0, is a critical vulnerability affecting the npm/@nyariv/sandboxjs package, specifically versions less than or equal to 0.9.5. The vulnerability lies in the property access logic registered via addOps in the prop.ts file, which exposes the Function.caller property and so allows sandboxed code to recover the internal LispType.Call runtime callback. An attacker can exploit this vulnerability by accessing the caller, callee, and arguments properties on functions, then invoking the leaked callback with attacker-controlled fake context and obj values to extract blocked host statics, recover the real host Function constructor, and execute arbitrary host JavaScript. This amounts to remote code execution (RCE), with severe potential business impact, including unauthorized access to sensitive data, system compromise, and financial loss. Exploitation is possible without authentication: it requires only the ability to run code inside a sandbox built on the affected package and version, with no other prerequisites or conditions.
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-g8f2-4f4f-5jqw