A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution.The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system.”Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according to
First seen on thehackernews.com
Jump to article: thehackernews.com/2026/04/cohere-ai-terrarium-sandbox-flaw.html
