SECURITYTHE HACKER NEWS
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
A critical security vulnerability (CVE-2026-5752) in Cohere AI's Terrarium sandbox allows attackers to execute arbitrary code with root privileges and escape containers via JavaScript prototype chain traversal. The flaw, rated 9.3 on the CVSS scale, poses significant risks to systems using the Python-based sandbox.
Mentioned