Skip to content
The Nexus
SECURITYApr 22 · 07:16 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical security vulnerability (CVE-2026-5752) in Cohere AI's Terrarium sandbox allows attackers to execute arbitrary code with root privileges and escape containers via JavaScript prototype chain traversal. The flaw, rated 9.3 on the CVSS scale, poses significant risks to systems using the Python-based sandbox.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this