A seemingly innocent spreadsheet formula could be the key to compromising entire organizations, thanks to a critical vulnerability uncovered by Cyera Research Labs in Grist-Core. The flaw, tracked as CVE-2026-24002 and carrying a CVSS score of 9.1, allows attackers to break out of the platform’s Pyodide sandbox and achieve full Remote Code Execution (RCE).
Grist is widely used across government, education, and industry as a programmable alternative to Excel. Its power lies in its ability to run Python code within cells to automate workflows. However, researchers found that this “programmable data plane” was built on a fragile foundation.
Unlike traditional attacks that rely on obvious code injection, this exploit “weaponizes a legitimate data package”. The attack “rides the same data-processing path Grist uses to evaluate formulas,” turning routine spreadsheet updates into a silent takeover.

The report details three distinct ways attackers can shatter the sandbox boundaries:
- Class Hierarchy Traversal: Using Python’s object model to reach forbidden built-in functions like os.system().
- Direct C Library Access: Leveraging ctypes to call system functions directly from memory.
- Emscripten Runtime Abuse: Calling emscripten_run_script_string() to execute JavaScript in the host runtime.
The result is critical: “A sandbox escape is not just local server RCE – it becomes RCE in the SaaS control plane that runs tenants’ workflows”.
Grist’s security team acted promptly to patch the issue. The solution involved a fundamental architectural shift: moving Pyodide formula execution under Deno by default.
“That matters because it changes the failure mode: instead of ‘a Pyodide escape immediately becomes host compromise,’ the host runtime is now mediated by Deno’s permission model”.
Administrators are urged to upgrade to Grist version 1.7.9 or later immediately. However, they must be careful not to disable the new protections. The report warns that setting the flag GRIST_PYODIDE_SKIP_DENO=1 bypasses the fix, and “should be treated as an explicit opt-in to a weaker isolation boundary”.
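The two mitigation conditions above (running 1.7.9 or later, and not opting out of the Deno boundary) can be checked mechanically. The following audit helper is an added example, not code from the report or from the Grist project; it assumes the deployment's settings are available as KEY=VALUE lines (dotenv or docker-compose "environment" style) and that the version string is plain semantic versioning.

```python
import re
from typing import Dict, List, Tuple

# Minimum fixed release and opt-out flag, both as named in the advisory.
FIXED_VERSION = (1, 7, 9)
SKIP_DENO_FLAG = "GRIST_PYODIDE_SKIP_DENO"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '1.7.9' or 'v1.7.10' into a comparable tuple; reject anything else."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+).*", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups())


def parse_env(lines: List[str]) -> Dict[str, str]:
    """Parse KEY=VALUE lines; tolerates comments and docker-compose '- KEY=VALUE' items."""
    env: Dict[str, str] = {}
    for raw in lines:
        line = raw.strip().lstrip("- ")
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.strip()] = value.strip().strip('"').strip("'")
    return env


def audit(version: str, env_lines: List[str]) -> List[str]:
    """Return one finding per weakened control; an empty list means both controls hold."""
    findings: List[str] = []
    if parse_version(version) < FIXED_VERSION:
        findings.append(f"Grist {version} predates the fix; upgrade to 1.7.9 or later")
    env = parse_env(env_lines)
    if env.get(SKIP_DENO_FLAG) == "1":
        # Per the advisory, this value re-enables the pre-fix isolation boundary.
        findings.append(f"{SKIP_DENO_FLAG}=1 disables Deno mediation of Pyodide formula execution")
    return findings


# Constructed sample: a docker-compose environment block from a hypothetical deployment.
SAMPLE_ENV = """
# environment:
- SOME_OTHER_SETTING=placeholder
- GRIST_PYODIDE_SKIP_DENO=1
""".splitlines()

if __name__ == "__main__":
    for finding in audit("v1.7.9", SAMPLE_ENV):
        print("FINDING:", finding)
```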
The researchers note, “When an automation or data platform becomes a trusted execution plane, a sandbox escape becomes a trust-boundary collapse, not just a single-server bug”.