{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24002", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T18:49:20.658Z", "datePublished": "2026-01-22T02:26:28.765Z", "dateUpdated": "2026-01-22T12:54:32.232Z"}, "containers": {"cna": {"title": "pyodide sandbox option is insecure", "problemTypes": [{"descriptions": [{"cweId": "CWE-74", "lang": "en", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g"}, {"name": "https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents", "tags": ["x_refsource_MISC"], "url": "https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents"}], "affected": [{"vendor": "gristlabs", "product": "grist-core", "versions": [{"version": "< 1.7.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-22T02:26:28.765Z"}, "descriptions": [{"lang": "en", "value": "Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`."}], "source": {"advisory": "GHSA-7xvx-8pf2-pv5g", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-22T12:52:12.413052Z", "id": "CVE-2026-24002", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T12:54:32.232Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24002", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-22T12:52:12.413052Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-22T12:54:25.326Z"}}], "cna": {"title": "pyodide sandbox option is insecure", "source": {"advisory": "GHSA-7xvx-8pf2-pv5g", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "gristlabs", "product": "grist-core", "versions": [{"status": "affected", "version": "< 1.7.9"}]}], "references": [{"url": "https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g", "name": "https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents", "name": "https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-22T02:26:28.765Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24002", "state": "PUBLISHED", "dateUpdated": "2026-01-22T12:54:32.232Z", "dateReserved": "2026-01-19T18:49:20.658Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-22T02:26:28.765Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:getgrist:grist-core:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F8A7C5C-5BE0-4EA5-BB48-F038908933ED", "versionEndExcluding": "1.7.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, that document could run arbitrary processes on the server hosting Grist. The problem has been addressed in Grist version 1.7.9 and up, by running pyodide under deno. As a workaround, a user can use the gvisor-based sandbox by setting `GRIST_SANDBOX_FLAVOR` to `gvisor`."}], "id": "CVE-2026-24002", "lastModified": "2026-02-17T17:59:16.383", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-22T03:15:47.777", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T03:56:35.098828+00:00", "value": {"mitigation_remediation": ["Upgrade Grist Core to version 1.7.9 or later, which runs pyodide under deno. ", "Configure GRIST_SANDBOX_FLAVOR to gvisor instead of pyodide when processing untrusted spreadsheets. ", "Restrict or disable the ability to set GRIST_SANDBOX_FLAVOR to pyodide in production environments."], "summary": {"action": "Patch Immediately", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The product affected is Grist Core from Grist Labs. Versions prior to 1.7.9 are vulnerable when the GRIST_SANDBOX_FLAVOR variable is set to pyodide. The vulnerability is mitigated in Grist 1.7.9 and later, which runs pyodide under an additional deno sandbox, and also in configurations that use the gvisor sandbox.", "description_and_impact": "Grist is a spreadsheet application that uses Python as its formula language. The vulnerability arises from the use of the pyodide sandbox option, which, when run under Node, lacks a proper sandbox barrier. A malicious spreadsheet opened by a user running Grist with the environment variable GRIST_SANDBOX_FLAVOR set to pyodide can execute arbitrary processes on the server that hosts Grist. This flaw is classified as CWE\u201174, indicating improper input validation leading to code execution. The CVSS score reflects a high severity impact of 9.1.", "risk_and_exploitability": "Although the EPSS score is below 1%, the high CVSS rating and the direct nature of the flaw give it significant risk. The attack requires an attacker to upload or otherwise provide a malicious spreadsheet and to trigger Grist with the pyodide sandbox flavor. Once the document is opened, the attacker can run arbitrary commands on the host system, potentially compromising the entire server. The flaw is not listed in the CISA KEV catalog, but the absence of a sandbox barrier makes exploitation straightforward if the environment permits the insecure pyodide option."}}}}, "created": "2026-01-22T10:08:10.092212+00:00", "updated": "2026-04-18T04:00:08.421032+00:00", "vendors": ["gristlabs", "gristlabs$PRODUCT$grist-core"]}