{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5752", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "state": "PUBLISHED", "assignerShortName": "certcc", "dateReserved": "2026-04-07T16:13:06.702Z", "datePublished": "2026-04-14T17:53:10.330Z", "dateUpdated": "2026-04-23T12:19:54.254Z"}, "containers": {"cna": {"title": "CVE-2026-5752", "descriptions": [{"lang": "en", "value": "Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Cohere", "product": "cohere-terrarium", "versions": [{"status": "affected", "version": "1.0.1"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}, {"descriptions": [{"lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}, {"descriptions": [{"lang": "en", "description": "CWE-284 Improper Access Control"}]}], "references": [{"url": "https://kb.cert.org/vuls/id/414811"}, {"url": "https://github.com/cohere-ai/cohere-terrarium"}], "x_generator": {"engine": "VINCE 3.0.36", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-5752"}, "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-04-23T12:19:54.254Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T19:21:33.066063Z", "id": "CVE-2026-5752", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:21:36.083Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/414811"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-21T14:34:54.223Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.kb.cert.org/vuls/id/414811"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-04-21T14:34:54.223Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-5752", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-14T19:21:33.066063Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T19:21:27.876Z"}}], "cna": {"title": "CVE-2026-5752", "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Cohere", "product": "cohere-terrarium", "versions": [{"status": "affected", "version": "1.0.1"}]}], "references": [{"url": "https://kb.cert.org/vuls/id/414811"}, {"url": "https://github.com/cohere-ai/cohere-terrarium"}], "x_generator": {"env": "prod", "engine": "VINCE 3.0.36", "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-5752"}, "descriptions": [{"lang": "en", "value": "Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}, {"descriptions": [{"lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}, {"descriptions": [{"lang": "en", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc", "dateUpdated": "2026-04-23T12:19:54.254Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5752", "state": "PUBLISHED", "dateUpdated": "2026-04-23T12:19:54.254Z", "dateReserved": "2026-04-07T16:13:06.702Z", "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "datePublished": "2026-04-14T17:53:10.330Z", "assignerShortName": "certcc"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal."}], "id": "CVE-2026-5752", "lastModified": "2026-04-21T15:16:37.563", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-14T18:17:39.360", "references": [{"source": "cret@cert.org", "url": "https://github.com/cohere-ai/cohere-terrarium"}, {"source": "cret@cert.org", "url": "https://kb.cert.org/vuls/id/414811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.kb.cert.org/vuls/id/414811"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "cohere-terrarium", "source": "cna", "vendor": "Cohere"}, "product": "cohere-terrarium", "vendor": "cohere"}], "analysis": {"en": {"generated_at": "2026-04-14T22:27:06.279356+00:00", "value": {"mitigation_remediation": ["Verify whether an updated release of Cohere Terrarium is available that addresses this issue and apply it as soon as it is released.", "Until a fix is found, run Terrarium with the least privileges possible, isolating it from the host filesystem and disabling any API that permits prototype chain modifications or access to system resources.", "Continuously monitor vendor advisories, public security bulletins, and the repository\u2019s release notes for notices of a patch or temporary mitigation, and update the deployment immediately when one is announced."], "summary": {"action": "Apply patch", "impact": "Root privilege escalation via sandbox escape in Cohere Terrarium"}, "threat_synthesis": {"affected_systems": "The affected product is Cohere Terrarium. No specific version numbers were disclosed in the advisory, so any deployment of the component that is currently running is potentially vulnerable until a patch or definitive fix is applied. Administrators should review all instances of Cohere Terrarium in their environment to gauge exposure.", "description_and_impact": "Cohere Terrarium contains a sandbox escape flaw that allows an attacker to execute arbitrary code with root privileges on the host system by traversing the JavaScript prototype chain. This vulnerability bypasses the intended isolation boundaries of the Terrarium environment, enabling complete takeover of the underlying host and allowing the attacker to read, modify, or delete any data and to install additional malicious software. The impact is severe, affecting confidentiality, integrity, and availability at the system level.", "risk_and_exploitability": "The CVSS score of 9.3 categorizes this flaw as critical. The EPSS score is not available, and the vulnerability is not yet catalogued in the CISA KEV list. The attack vector is inferred to be remote, as malicious JavaScript can be injected within the sandboxed environment, and the necessary conditions include a permissive JavaScript execution context that allows prototype modifications and host resource access. Organizations running Terrarium with untrusted or permissive scripting should consider this vulnerability the highest risk exposure."}}}}, "created": "2026-04-15T14:41:09.777243+00:00", "title": "Root Privilege Escalation via Sandbox Escape in Cohere Terrarium", "updated": "2026-04-15T14:53:58.015888+00:00", "vendors": ["cohere", "cohere$PRODUCT$cohere-terrarium"], "weaknesses": ["CWE-20", "CWE-94"]}