PatchSiren cyber security CVE debrief
CVE-2026-46703 boxlite-ai CVE debrief
CVE-2026-46703 is a critical vulnerability in Boxlite, a sandbox service for running untrusted code. The flaw allows attackers to write arbitrary content to any path on the host, potentially leading to remote code execution. This issue was patched in version 0.9.0.
- Vendor: boxlite-ai
- Product: boxlite
- CVSS: CRITICAL 9.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-11
Who should care
Users of Boxlite versions prior to 0.9.0 should update to the latest version to mitigate this vulnerability.
Technical summary
Boxlite is a sandbox service for running untrusted code, and it lets users specify the OCI image a container runs from. Before version 0.9.0, Boxlite did not properly handle tar entries in those images that were symlinks to absolute paths. An attacker could therefore craft a malicious OCI image, distribute it on a public registry such as DockerHub, and trick a user into running it. Once the image was loaded, the attacker could write arbitrary content to any path on the host, potentially leading to remote code execution (CVE-2026-46703).
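To make the flaw concrete from the defender's side, here is an added example of the check an image-layer unpacker needs; it is not Boxlite's code, and Boxlite's own unpacking logic and the 0.9.0 fix are not shown on this page. Every tar member is validated before anything is written, and a symlink whose target is absolute (the entry shape the advisory describes) or climbs above the extraction root is refused, so later entries cannot be written through it onto the host. The layer contents, the `build_layer` helper and the function names `validate_layer` and `safe_unpack` are constructed for this illustration.

```python
"""Added example: refuse OCI layer tar entries that could escape the unpack root."""
import io
import os
import posixpath
import tarfile
import tempfile


class UnsafeTarEntry(ValueError):
    """Raised for a tar member whose path or link target could leave the root."""


def _stays_under_root(path: str) -> bool:
    """Lexically decide whether an archive path stays below the extraction root."""
    norm = posixpath.normpath(path)
    # A leading '/' or a '..' that climbs above the root means escape.
    return not (norm.startswith("/") or norm == ".." or norm.startswith("../"))


def check_member(member: tarfile.TarInfo) -> None:
    """Reject a member whose name, symlink target or hard-link target escapes."""
    if not _stays_under_root(member.name):
        raise UnsafeTarEntry(f"entry path escapes root: {member.name!r}")
    if member.issym():
        target = member.linkname
        # An absolute target is the shape behind CVE-2026-46703: once such a link
        # exists, later entries written through it land on the host filesystem.
        if posixpath.isabs(target):
            raise UnsafeTarEntry(f"symlink {member.name!r} -> absolute {target!r}")
        # Relative targets resolve from the link's own directory, so check from there.
        resolved = posixpath.join(posixpath.dirname(member.name), target)
        if not _stays_under_root(resolved):
            raise UnsafeTarEntry(f"symlink {member.name!r} -> {target!r} escapes root")
    elif member.islnk():
        # Hard-link targets are archive-relative paths and are checked like a name.
        if not _stays_under_root(member.linkname):
            raise UnsafeTarEntry(f"hardlink {member.name!r} -> {member.linkname!r}")
    elif not (member.isfile() or member.isdir()):
        raise UnsafeTarEntry(f"unsupported entry type: {member.name!r}")


def validate_layer(layer: bytes) -> list:
    """Check every member of an in-memory layer tar; returns the accepted names."""
    names = []
    with tarfile.open(fileobj=io.BytesIO(layer), mode="r:") as tar:
        for member in tar:
            check_member(member)
            names.append(member.name)
    return names


def is_layer_safe(layer: bytes) -> bool:
    try:
        validate_layer(layer)
        return True
    except UnsafeTarEntry:
        return False


def safe_unpack(layer: bytes, dest: str) -> list:
    """Validate the whole layer before extracting, so a rejected layer writes nothing."""
    names = validate_layer(layer)
    with tarfile.open(fileobj=io.BytesIO(layer), mode="r:") as tar:
        try:
            # tarfile's own 'data' filter (Python 3.12+ and backports) is a second
            # line of defence; older interpreters raise TypeError on the keyword.
            tar.extractall(dest, filter="data")
        except TypeError:
            tar.extractall(dest)
    return names


def build_layer(entries) -> bytes:
    """Construct a tar in memory from (name, kind, payload) tuples; kind is
    'file' (payload = bytes), 'dir', or 'symlink' (payload = link target)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, kind, payload in entries:
            info = tarfile.TarInfo(name)
            if kind == "file":
                info.size = len(payload)
                tar.addfile(info, io.BytesIO(payload))
                continue
            info.type = tarfile.DIRTYPE if kind == "dir" else tarfile.SYMTYPE
            info.linkname = payload if kind == "symlink" else ""
            tar.addfile(info)
    return buf.getvalue()


# Constructed samples (not real images): a benign layer with an internal symlink,
# and two hostile layers shaped like the entries the advisory describes.
BENIGN_LAYER = build_layer([
    ("app", "dir", None),
    ("app/main.py", "file", b"print('hello from the sandbox')\n"),
    ("current", "symlink", "app"),
])
ABSOLUTE_LINK_LAYER = build_layer([
    ("data", "symlink", "/"),  # link pointing straight at the host root
    ("data/host-file.txt", "file", b"written through the link\n"),
])
CLIMBING_LINK_LAYER = build_layer([
    ("lib", "dir", None),
    ("lib/cfg", "symlink", "../../outside"),  # climbs above the unpack root
])


def run_demo() -> dict:
    """Unpack the benign layer into a temp dir; confirm both hostile layers are refused."""
    with tempfile.TemporaryDirectory() as dest:
        accepted = safe_unpack(BENIGN_LAYER, dest)
        unpacked = sorted(os.listdir(dest))
    return {
        "accepted": accepted,
        "unpacked": unpacked,
        "absolute_refused": not is_layer_safe(ABSOLUTE_LINK_LAYER),
        "climbing_refused": not is_layer_safe(CLIMBING_LINK_LAYER),
    }


if __name__ == "__main__":
    print(run_demo())
```

The order matters: the whole layer is validated before the first write, because a symlink that has already been created changes where every later entry lands. Checking link targets lexically (absolute, or any `..` that climbs above the root after resolving from the link's directory) is enough to keep every path inside the root, since no accepted link can point outside it. On Python 3.12 and later, `tarfile`'s built-in `data` filter performs equivalent checks and is used here as defence in depth.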
Defensive priority
High
Recommended defensive actions
- Update Boxlite to version 0.9.0 or later.
- Treat OCI images from untrusted sources with caution before loading them into Boxlite.
- Monitor Boxlite hosts for suspicious activity, in particular unexpected writes to host paths.
Evidence notes
CVE-2026-46703 has a CVSS score of 9.6 and is considered CRITICAL.
Official resources
CVE-2026-46703 was published on 2026-06-10T23:16:47.893Z and modified on 2026-06-11T15:21:07.370Z.