Skip to content
This repository was archived by the owner on Apr 22, 2026. It is now read-only.

v1.0.1 — Fix CVE-2026-5752

Latest
Latest

Choose a tag to compare

View all tags
@matt-cohere matt-cohere released this 22 Apr 15:34
v1.0.1
d1e20d6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Changelog

1.0.1 — 2026-04-22

Security

  • Fix CVE-2026-5752 (CVSS 9.3, critical): sandbox escape via JavaScript
    prototype chain traversal in src/services/python-interpreter/service.ts.
    Mock document / ImageData / DOM stub objects exposed to Pyodide via
    jsglobals were plain object literals that inherited from
    Object.prototype, allowing sandboxed Python to walk
    .constructor.constructor to the host Function constructor, obtain
    host globalThis, and reach require for arbitrary code execution as
    root. Every exposed object is now built with Object.create(null);
    read-only mocks are additionally frozen.
  • Add regression test
    tests/security/cve_2026_5752_proto_escape.py.

Notes

This project remains unmaintained beyond this security release. Users are
encouraged to migrate to a maintained sandbox.

Assets 2
Loading