Terrarium CVE-2026-5752 mitigation guidance

Advisory/Mitigation
1 unique source, 1 article

Summary

CERT/CC issued mitigation guidance for Terrarium deployments exposed to CVE-2026-5752, a sandbox-escape flaw that can lead to root code execution. The advice is meant to reduce exposure where users can submit code to the sandbox and where container access could be abused. Because the project is unlikely to receive a patch, the guidance emphasizes network segmentation, a Web Application Firewall, and container monitoring.

Timeline

  1. 22.04.2026 10:16 · 1 article

    Terrarium CVE-2026-5752 disclosure

    Initial Disclosure

    Cohere AI's Terrarium Python sandbox is disclosed as having CVE-2026-5752, a critical flaw rated CVSS 9.3 that can enable arbitrary code execution and root code execution via JavaScript prototype chain traversal in the Pyodide WebAssembly environment.
  2. 22.04.2026 10:16 · 2 articles

    CERT/CC mitigation guidance for Terrarium

    Mitigation Patch Update

    CERT/CC advises Terrarium users and operators to reduce exposure by disabling user code submission where possible, segmenting the network, deploying a Web Application Firewall, monitoring container activity, limiting access to authorized personnel, using secure container orchestration, and keeping dependencies up to date; the project is no longer actively maintained, so patching is unlikely.