Ravie Lakshmanan | Jan 27, 2026 | Vulnerability / Cloud Security
A critical security flaw has been disclosed in Grist-Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could lead to remote code execution.
The vulnerability, tracked as CVE-2026-24002 (CVSS score: 9.1), has been codenamed Cellbreak by Cyera Research Labs.
“One malicious formula can turn a spreadsheet into a Remote Code Execution (RCE) beachhead,” security researcher Vladimir Tokarev, who discovered the flaw, said. “This sandbox escape lets a formula author execute OS commands or run host-runtime JavaScript, collapsing the boundary between ‘cell logic’ and host execution.”
Cellbreak is categorized as a case of Pyodide sandbox escape, the same kind of vulnerability that also recently impacted n8n (CVE-2025-68668, CVSS score: 9.9, aka N8scape). The vulnerability has been addressed in version 1.7.9, released on January 9, 2026.
“A security review identified a vulnerability in the ‘pyodide’ sandboxing method that is available in Grist,” the project maintainers said. “You can check if you are affected in the sandboxing section of the Admin Panel of your instance. If you see ‘gvisor’ there, then you are not affected. If you see ‘pyodide,’ then it is important to update to this version of Grist or later.”
In a nutshell, the problem is rooted in Grist’s Python formula execution, which allows untrusted formulas to be run inside Pyodide, a Python distribution that allows regular Python code to be executed directly in a web browser within the confines of a WebAssembly (WASM) sandbox.
While the idea behind this approach is to ensure that Python formula code runs in an isolated environment, the fact that Grist uses a blocklist-style approach makes it possible to escape the sandbox and ultimately achieve command execution on the underlying host.
“The sandbox’s design allows traversal through Python’s class hierarchy and leaves ctypes available, which together open access to Emscripten runtime functions that should never be reachable from a formula cell,” Tokarev explained. “That combination enables host command execution and JavaScript execution in the host runtime, with practical outcomes like filesystem access and secret exposure.”
According to Grist, when a user has set GRIST_SANDBOX_FLAVOR to Pyodide and opens a malicious document, that document could be used to run arbitrary processes on the server hosting Grist. Armed with this ability to execute commands or JavaScript via a formula, an attacker can leverage this behavior to access database credentials and API keys, read sensitive files, and create lateral movement opportunities.
Grist has addressed the problem by moving Pyodide formula execution under the Deno JavaScript runtime by default. However, it’s worth noting that the risk rears its head once again if an operator explicitly chooses to set GRIST_PYODIDE_SKIP_DENO to the value “1.” The setting should be avoided in scenarios where untrusted or semi-trusted formulas are likely to be run.
Users are recommended to update to the latest version as soon as possible to mitigate potential risks. To temporarily mitigate the issue, it is recommended to set the GRIST_SANDBOX_FLAVOR environment variable to “gvisor.”
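The advisory gives operators three facts to act on: the sandbox flavor, the GRIST_PYODIDE_SKIP_DENO opt-out, and the fixed version 1.7.9. The following script, an added example that is not Grist's own code, turns those into a deployment check. It assumes the operator can read the environment Grist was started with (for instance a dotenv file consumed by docker-compose) and knows the running Grist-Core version; the variable names and the fixed version come from the advisory, while the sample dotenv contents are constructed.

```python
"""Check a Grist-Core deployment's exposure to Cellbreak (CVE-2026-24002)
from its sandbox-related environment settings and its version.

Added example, not Grist's own code. Assumes the operator has the
environment Grist runs with (dotenv form) and the Grist-Core version string.
"""

from __future__ import annotations

# Grist-Core release that addressed CVE-2026-24002 (from the advisory).
FIXED_VERSION = (1, 7, 9)

# Constructed sample configurations in dotenv form (not real deployments).
SAMPLE_VULNERABLE = """
# constructed: pyodide sandbox on an unpatched instance
GRIST_SANDBOX_FLAVOR=pyodide
GRIST_SESSION_SECRET='not-a-real-secret'
"""

SAMPLE_RISKY = """
# constructed: patched, but the operator opted out of the Deno wrapper
GRIST_SANDBOX_FLAVOR="pyodide"
GRIST_PYODIDE_SKIP_DENO=1
"""

SAMPLE_SAFE = """
# constructed: the temporary mitigation recommended by the advisory
GRIST_SANDBOX_FLAVOR=gvisor
"""


def parse_env(text: str) -> dict[str, str]:
    """Parse KEY=VALUE lines dotenv-style: skip blanks and comments,
    strip simple surrounding quotes from values."""
    env: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip("'\"")
    return env


def parse_version(version: str) -> tuple[int, ...]:
    """'v1.7.9' -> (1, 7, 9), so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.lstrip("v").split("."))


def assess(env: dict[str, str], version: str) -> str:
    """Classify exposure as one of:
    not-affected: gvisor flavor, which the maintainers state is unaffected.
    vulnerable:   pyodide flavor on a version before 1.7.9.
    risky:        1.7.9 or later, but GRIST_PYODIDE_SKIP_DENO=1 disables the
                  Deno wrapper the fix introduced.
    mitigated:    1.7.9 or later with the Deno wrapper in place.
    review:       any other flavor value; the advisory does not cover it
                  (assumption: treat as needing manual review).
    """
    flavor = env.get("GRIST_SANDBOX_FLAVOR", "").strip().lower()
    skip_deno = env.get("GRIST_PYODIDE_SKIP_DENO", "").strip() == "1"
    patched = parse_version(version) >= FIXED_VERSION

    if flavor == "gvisor":
        return "not-affected"
    if flavor != "pyodide":
        return "review"
    if not patched:
        return "vulnerable"
    if skip_deno:
        return "risky"
    return "mitigated"


def report(env_text: str, version: str) -> str:
    """One-line summary suitable for a log line or a CI gate."""
    verdict = assess(parse_env(env_text), version)
    return f"grist-core {version}: {verdict}"


if __name__ == "__main__":
    for label, text, ver in (
        ("unpatched", SAMPLE_VULNERABLE, "1.7.8"),
        ("skip-deno", SAMPLE_RISKY, "1.7.9"),
        ("gvisor", SAMPLE_SAFE, "1.7.8"),
    ):
        print(f"{label:>10}: {report(text, ver)}")
```

The version is compared as a tuple rather than a string so that a later release such as 1.10.0 is not misread as older than 1.7.9, and the skip-Deno opt-out is only reported once the version is otherwise fixed, since on an unpatched instance the verdict is already "vulnerable" regardless of that setting.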
“This mirrors the systemic risk found in other automation platforms: a single execution surface with privileged access can collapse organizational trust boundaries when its sandbox fails,” Tokarev said.
“When formula execution relies on a permissive sandbox, a single escape can turn ‘data logic’ into ‘host execution.’ The Grist-Core findings show why sandboxing should be capability-based and defense-in-depth, not a fragile blocklist. The cost of failure isn’t just a bug – it’s a data-plane breach.”
