Critical Grist-Core Vulnerability Enables RCE via Spreadsheet Formulas
Summary
A critical vulnerability in Grist-Core, an open-source relational spreadsheet-database, allows remote code execution (RCE) through malicious spreadsheet formulas. The flaw, codenamed Cellbreak (CVE-2026-24002, CVSS score: 9.1), enables attackers to execute OS commands or host-runtime JavaScript, collapsing the boundary between cell logic and host execution. The issue stems from a sandbox escape in the Pyodide sandboxing method, which is used for Python formula execution. Grist has released version 1.7.9 to address the vulnerability, and users are advised to update immediately. The vulnerability was uncovered by Cyera Research Labs and affects both managed SaaS and self-hosted environments, increasing the impact of the flaw. Grist adoption includes government, higher-education organizations, and commercial teams in marketing and game design.
Timeline
- 27.01.2026 12:36 (2 articles)
Grist-Core Vulnerability Enables RCE via Spreadsheet Formulas
A critical vulnerability in Grist-Core, codenamed Cellbreak (CVE-2026-24002), allows remote code execution through malicious spreadsheet formulas. The flaw is due to a sandbox escape in the Pyodide sandboxing method, enabling attackers to execute OS commands or host-runtime JavaScript. Grist has released version 1.7.9 to address the issue, and users are advised to update immediately. The vulnerability was uncovered by Cyera Research Labs and affects both managed SaaS and self-hosted environments, increasing the impact of the flaw. Grist adoption includes government, higher-education organizations, and commercial teams in marketing and game design.
Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
Information Snippets
- The vulnerability, tracked as CVE-2026-24002, has a CVSS score of 9.1.
First reported: 27.01.2026 12:36 (2 sources, 2 articles). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- Cellbreak is a Pyodide sandbox escape, similar to the N8scape vulnerability in n8n (CVE-2025-68668).
First reported: 27.01.2026 12:36 (2 sources, 2 articles). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- The flaw allows untrusted formulas to escape the Pyodide sandbox and execute commands on the underlying host.
First reported: 27.01.2026 12:36 (2 sources, 2 articles). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- Grist has addressed the issue by moving Pyodide formula execution under the Deno JavaScript runtime by default.
First reported: 27.01.2026 12:36 (2 sources, 2 articles). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- Users are advised to update to version 1.7.9 or later to mitigate the risk.
First reported: 27.01.2026 12:36 (2 sources, 2 articles). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- As a temporary mitigation, users can set the GRIST_SANDBOX_FLAVOR environment variable to "gvisor".
First reported: 27.01.2026 12:36 (1 source, 1 article). Sources:
- Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas — thehackernews.com — 27.01.2026 12:36
- The vulnerability was uncovered by Cyera Research Labs.
First reported: 27.01.2026 18:45 (1 source, 1 article). Sources:
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- Grist-Core is used in both managed SaaS and self-hosted environments, increasing the impact of the vulnerability.
First reported: 27.01.2026 18:45 (1 source, 1 article). Sources:
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- The vulnerability allows access to environment variables, sensitive configuration files, and credentials, with potential for lateral movement into adjacent systems.
First reported: 27.01.2026 18:45 (1 source, 1 article). Sources:
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
- Grist adoption includes government, higher-education organizations, and commercial teams in marketing and game design.
First reported: 27.01.2026 18:45 (1 source, 1 article). Sources:
- Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core — www.infosecurity-magazine.com — 27.01.2026 18:45
Similar Happenings
Critical sandbox escape flaw in vm2 NodeJS library
A critical-severity vulnerability (CVE-2026-22709) in the vm2 Node.js sandbox library allows escaping the sandbox and executing arbitrary code on the host system. The flaw arises from improper sanitization of Promises, enabling attackers to bypass sandbox restrictions. The vulnerability affects versions prior to 3.10.2 and has been partially addressed in subsequent updates. The vm2 library, widely used in SaaS platforms and open-source projects, was discontinued in 2023 due to repeated sandbox-escape vulnerabilities but was resurrected in 2025. The vulnerability is trivial to exploit, and users are advised to upgrade to the latest version (3.10.3) to mitigate the risk. The vulnerability carries a CVSS score of 9.8 out of 10.0, highlighting its criticality. The maintainer has acknowledged that new bypasses will likely be discovered in the future, urging users to keep the library up to date and consider alternatives like isolated-vm for stronger isolation guarantees.
Critical Linux Vulnerabilities Exploited in the Wild
CISA added two Linux vulnerabilities to its KEV catalog, including a critical authentication bypass in GNU Inetutils (CVE-2026-24061) and an integer overflow in the Linux kernel (CVE-2018-14634). The GNU Inetutils flaw has been actively exploited, with reports of 60 exploitation attempts from 18 unique sources. The vulnerabilities affect various versions of Linux systems, with potential for remote code execution and privilege escalation.
Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
Three vulnerabilities in mcp-server-git, maintained by Anthropic, allow file access, deletion, and code execution via prompt injection. The flaws have been addressed in versions 2025.9.25 and 2025.12.18. The vulnerabilities include path traversal and argument injection issues that can be exploited to manipulate Git repositories and execute arbitrary code. The issues were disclosed by Cyata researcher Yarden Porat, highlighting the risks of prompt injection attacks without direct system access. The vulnerabilities affect all versions of mcp-server-git released before December 8, 2025, and apply to default installations. An attacker only needs to influence what an AI assistant reads to trigger the vulnerabilities. The flaws allow attackers to execute code, delete arbitrary files, and load arbitrary files into a large language model's context. While the vulnerabilities do not directly exfiltrate data, sensitive files may still be exposed to the AI, creating downstream security and privacy risks. The vulnerabilities have been assigned CVE-2025-68143, CVE-2025-68144, and CVE-2025-68145.
Critical deserialization flaw in DELMIA Apriso MOM actively exploited
A critical deserialization vulnerability (CVE-2025-5086) in Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software is actively exploited, with a CVSS score of 9.0. The flaw affects versions from Release 2020 through Release 2025 and allows for remote code execution (RCE). In addition to CVE-2025-5086, two more vulnerabilities (CVE-2025-6205 and CVE-2025-6204) in DELMIA Apriso have been identified and are actively exploited. CVE-2025-6205 is a critical-severity missing authorization flaw, and CVE-2025-6204 is a high-severity code injection vulnerability. Both were patched by Dassault Systèmes in early August 2025. The vulnerabilities can be chained together to create accounts with elevated privileges and place executable files into a web-served directory. The product exposes a SOAP-based message processor endpoint that accepts XML payloads for bulk employee/identity provisioning and a file upload API used by portal components but that is accessible only post-authentication. DELMIA Apriso is used in production processes for digitalizing and monitoring, and is deployed in automotive, aerospace, electronics, high-tech, and industrial machinery divisions. CISA has added these flaws to its Known Exploited Vulnerabilities (KEV) catalog, and FCEB agencies are advised to apply updates by November 18, 2025, to secure their networks.

Additionally, a new vulnerability (CVE-2025-24893) in XWiki has been identified and is actively exploited. This flaw allows for arbitrary remote code execution through a request to the /bin/get/Main/SolrSearch endpoint and is being exploited in a two-stage attack chain that delivers a cryptocurrency miner. The vulnerability was reported by John Kwak of Trend Micro in May 2024 and was addressed in XWiki versions 15.10.11, 16.4.1, and 16.5.0RC1 in June 2024. Technical details on the bug emerged roughly half a year later, and an NVD advisory was published in February 2025.

Numerous proof-of-concept (PoC) exploits targeting the vulnerability have been available since early 2025. CrowdSec observed the vulnerability being abused for reconnaissance earlier this year but noted a decline in activity. VulnCheck identified in-the-wild attacks exploiting CVE-2025-24893 to deploy a cryptocurrency miner. The attacks proceed in a two-pass workflow separated by at least 20 minutes: the first pass stages a downloader, and the second pass executes it. The observed traffic originates from an IP address geolocated to Vietnam that has been associated with other malicious activity. The RondoDox botnet has been observed targeting unpatched XWiki instances to exploit CVE-2025-24893. VulnCheck observed a spike in exploitation attempts, with peaks on November 7 and November 11, 2025. RondoDox is adding new exploitation vectors to rope susceptible devices into a botnet for conducting DDoS attacks using HTTP, UDP, and TCP protocols. The first RondoDox exploit was observed on November 3, 2025. Other attacks have been observed exploiting the flaw to deliver cryptocurrency miners, establish a reverse shell, and conduct general probing activity using a Nuclei template for CVE-2025-24893.
Malicious nx Packages Exfiltrate Credentials in 's1ngularity' Supply Chain Attack
The Shai-Hulud worm, a self-replicating malware that initially compromised 187 npm packages in mid-September 2025, has evolved into a broader supply chain threat, exposing over 400,000 developer secrets across 30,000 GitHub repositories. The latest development reveals that NPM's post-Shai-Hulud defenses, including the '--ignore-scripts' flag, can be bypassed via Git dependencies through vulnerabilities collectively named *PackageGate*. These flaws allow malicious '.npmrc' files to override the git binary path, enabling full code execution even when script execution is disabled. While Bun, pnpm, and vlt patched their respective vulnerabilities, NPM rejected the report, citing user responsibility for vetting packages. Proof-of-concept exploits demonstrate the practical risk, with reverse shells already observed in the wild. The attack initially spread by injecting malicious scripts into npm packages, using TruffleHog to scan for and exfiltrate credentials, and creating unauthorized GitHub Actions workflows. A second wave, *Sha1-Hulud*, expanded the attack to over 800 packages, introducing a preinstall script (setup_bun.js) that leveraged the Bun runtime to evade detection. This variant also included a destructive wiper mechanism targeting victims' home directories if persistence failed. The malware's self-replicating nature allowed it to cascade through maintainer accounts, compromising downstream projects at scale. GitHub and security firms like Wiz and GitGuardian have urged developers to rotate credentials, audit dependencies, and harden CI/CD environments, but the newly disclosed PackageGate vulnerabilities underscore ongoing risks in the npm ecosystem.