Description
SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to `AsyncFunction` not being isolated in `SandboxFunction`. The library attempts to sandbox code execution by replacing the global `Function` constructor with a safe, sandboxed version (`SandboxFunction`). This is handled in `utils.ts` by mapping `Function` to `sandboxFunction` within a map used for lookups. However, before version 0.8.26, the library did not include mappings for `AsyncFunction`, `GeneratorFunction`, and `AsyncGeneratorFunction`. These constructors are not global properties but can be accessed via the `.constructor` property of an instance (e.g., `(async () => {}).constructor`). In `executor.ts`, property access is handled. When code running inside the sandbox accesses `.constructor` on an async function (which the sandbox allows creating), the `executor` retrieves the property value. Since `AsyncFunction` was not in the safe-replacement map, the `executor` returns the actual native host `AsyncFunction` constructor. Constructors for functions in JavaScript (like `Function`, `AsyncFunction`) create functions that execute in the global scope. By obtaining the host `AsyncFunction` constructor, an attacker can create a new async function that executes entirely outside the sandbox context, bypassing all restrictions and gaining full access to the host environment (Remote Code Execution). Version 0.8.26 patches this vulnerability.
Published: 2026-01-27
Score: 10 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in versions of the sandboxing library prior to 0.8.26 stems from the fact that the constructor for asynchronous functions is not replaced during the sandboxing process. This oversight allows code that runs inside the sandbox to retrieve the native AsyncFunction constructor through the .constructor property of an async function instance. Constructing a new async function with this native constructor executes code in the host environment rather than within the isolated sandbox, enabling attackers to run arbitrary code with all privileges of the host process. The flaw falls under the weaknesses CWE-693, CWE-913, and CWE-94.

Affected Systems

Users of the JavaScript sandboxing library from the developer known as nyariv, specifically any installations of SandboxJS with a version older than 0.8.26, are affected. The vulnerability exists in the library’s implementation of sandboxed function construction and persists until the update is applied.

Risk and Exploitability

Given the CVSS score of 10, the potential impact of this flaw is maximum; an attacker can completely escape the sandbox and execute arbitrary code. The EPSS score of less than 1 percent indicates that, while the likelihood of exploitation is currently low, the severity dictates that it should be treated with urgency. The vulnerability has not yet been listed in the CISA Known Exploited Vulnerabilities catalog, but the lack of a catalog entry does not diminish the need for timely remediation. Without a patch, the flaw can be exploited by any code path that creates or accesses asynchronous functions within the sandbox.

Generated by OpenCVE AI on April 18, 2026 at 01:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade SandboxJS to version 0.8.26 or newer.
  • If an upgrade is not immediately feasible, modify the sandbox’s utilities to map the AsyncFunction constructor to the safe replacement, ensuring that .constructor lookups invoke the sandboxed implementation.
  • Audit any application code that relies on sandboxed execution to confirm that no untrusted input can trigger the vulnerable async function construction path.
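The following added example is a toy model of the replacement-map gap and its fix; it is not SandboxJS code or code from the advisory. The names `guardedGet`, `blockedConstructor`, `weakMap`, `hardenedMap` and `leakedConstructors` are hypothetical. It goes slightly beyond the AsyncFunction case by also covering `GeneratorFunction` and `AsyncGeneratorFunction`, which the description lists as unmapped.

```javascript
// Added example: toy model of a constructor replacement map (not SandboxJS code).
// The global Function plus the native function constructors that are reachable
// only through an instance's .constructor property.
const nativeConstructors = {
  Function: Function,
  AsyncFunction: (async () => {}).constructor,
  GeneratorFunction: (function* () {}).constructor,
  AsyncGeneratorFunction: (async function* () {}).constructor,
};

// Hypothetical safe stand-in: refuses to compile source strings.
function blockedConstructor() {
  throw new Error('dynamic function construction is disabled');
}

// Weak map: only the global Function is replaced (the pre-0.8.26 shape
// described in this advisory).
const weakMap = new Map([[Function, blockedConstructor]]);

// Hardened map: every native function constructor is replaced.
const hardenedMap = new Map(
  Object.values(nativeConstructors).map((ctor) => [ctor, blockedConstructor])
);

// Hypothetical property-access hook: swap any mapped host value for its
// replacement before handing it to sandboxed code.
function guardedGet(target, prop, replacements) {
  const value = target[prop];
  return replacements.has(value) ? replacements.get(value) : value;
}

// Audit: names of the native constructors a map would hand out unreplaced.
function leakedConstructors(replacements) {
  const samples = [function () {}, async () => {}, function* () {}, async function* () {}];
  const leaked = new Set();
  for (const fn of samples) {
    const got = guardedGet(fn, 'constructor', replacements);
    for (const [name, ctor] of Object.entries(nativeConstructors)) {
      if (got === ctor) leaked.add(name);
    }
  }
  return [...leaked];
}

console.log('weak map leaks:', leakedConstructors(weakMap));
console.log('hardened map leaks:', leakedConstructors(hardenedMap));
```

A check like `leakedConstructors` can run as a regression test against whatever replacement table a sandbox uses, so a newly unmapped constructor kind fails the build.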



Advisories
Source | ID | Title
GitHub GHSA | GHSA-wxhw-j4hc-fmq6 | SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
History

Thu, 12 Feb 2026 21:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:nyariv:sandboxjs:*:*:*:*:*:node.js:*:*

Wed, 28 Jan 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 28 Jan 2026 12:30:00 +0000

Type Values Removed Values Added
First Time appeared Nyariv
Nyariv sandboxjs
Vendors & Products Nyariv
Nyariv sandboxjs

Tue, 27 Jan 2026 23:45:00 +0000

Type Values Removed Values Added
Description (identical to the Description at the top of this page)
Title SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Weaknesses CWE-693
CWE-913
CWE-94
References
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-28T15:09:44.543Z

Reserved: 2026-01-16T15:46:40.841Z

Link: CVE-2026-23830

Vulnrichment

Updated: 2026-01-28T15:09:40.427Z

NVD

Status: Analyzed

Published: 2026-01-28T00:15:50.170

Modified: 2026-02-12T20:47:16.640

Link: CVE-2026-23830

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T02:00:10Z

Weaknesses