CVE-2026-5752

🗓️ 14 Apr 2026 17:53:10Reported by certccType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 2 Views

Terrarium sandbox escape allows root arbitrary code execution on host via JavaScript prototype chain.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-5752	14 Apr 202617:53	–	attackerkb
Circl	CVE-2026-5752	14 Apr 202620:08	–	circl
CNNVD	Terrarium 安全漏洞	14 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-5752 CVE-2026-5752	14 Apr 202617:53	–	cvelist
EUVD	EUVD-2026-22676	14 Apr 202618:30	–	euvd
NVD	CVE-2026-5752	14 Apr 202618:17	–	nvd
Positive Technologies	PT-2026-32894	14 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-5752	21 Apr 202619:23	–	redhatcve
The Hacker News	Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape	22 Apr 202607:16	–	thn
CERT	Terrarium contains a vulnerability that allows arbitrary code execution	21 Apr 202600:00	–	cert

[
  {
    "vendor": "Cohere",
    "product": "cohere-terrarium",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.1"
      }
    ]
  }
]

Source	Link
github	www.github.com/cohere-ai/cohere-terrarium
kb	www.kb.cert.org/vuls/id/414811
kb	www.kb.cert.org/vuls/id/414811

23 Apr 2026 12:19Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.19.3

EPSS0.00026

SSVC