Description
Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`.
Published: 2026-01-22
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch Immediately
AI Analysis

Impact

Grist is a spreadsheet application that uses Python as its formula language. The vulnerability arises from the use of the pyodide sandbox option, which, when run under Node, lacks a proper sandbox barrier. A malicious spreadsheet opened by a user running Grist with the environment variable GRIST_SANDBOX_FLAVOR set to pyodide can execute arbitrary processes on the server that hosts Grist. This flaw is classified as CWE‑74, indicating improper input validation leading to code execution. The CVSS score reflects a high severity impact of 9.1.

Affected Systems

The product affected is Grist Core from Grist Labs. Versions prior to 1.7.9 are vulnerable when the GRIST_SANDBOX_FLAVOR variable is set to pyodide. The vulnerability is mitigated in Grist 1.7.9 and later, which runs pyodide under an additional deno sandbox, and also in configurations that use the gvisor sandbox.

Risk and Exploitability

Although the EPSS score is below 1%, the high CVSS rating and the direct nature of the flaw give it significant risk. The attack requires an attacker to upload or otherwise provide a malicious spreadsheet and to trigger Grist with the pyodide sandbox flavor. Once the document is opened, the attacker can run arbitrary commands on the host system, potentially compromising the entire server. The flaw is not listed in the CISA KEV catalog, but the absence of a sandbox barrier makes exploitation straightforward if the environment permits the insecure pyodide option.

Generated by OpenCVE AI on April 18, 2026 at 03:56 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Grist Core to version 1.7.9 or later, which runs pyodide under deno.
  • Configure GRIST_SANDBOX_FLAVOR to gvisor instead of pyodide when processing untrusted spreadsheets.
  • Restrict or disable the ability to set GRIST_SANDBOX_FLAVOR to pyodide in production environments.

Generated by OpenCVE AI on April 18, 2026 at 03:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 17 Feb 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Getgrist
Getgrist grist-core
CPEs cpe:2.3:a:getgrist:grist-core:*:*:*:*:*:*:*:*
Vendors & Products Getgrist
Getgrist grist-core

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Gristlabs
Gristlabs grist-core
Vendors & Products Gristlabs
Gristlabs grist-core

Thu, 22 Jan 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 22 Jan 2026 02:45:00 +0000

Type Values Removed Values Added
Description Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`.
Title pyodide sandbox option is insecure
Weaknesses CWE-74
References
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}

Subscriptions

Getgrist Grist-core
Gristlabs Grist-core
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-22T12:54:32.232Z

Reserved: 2026-01-19T18:49:20.658Z

Link: CVE-2026-24002

cve-icon Vulnrichment

Updated: 2026-01-22T12:54:25.326Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-22T03:15:47.777

Modified: 2026-02-17T17:59:16.383

Link: CVE-2026-24002

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T04:00:08Z

Weaknesses