PatchSiren cyber security CVE debrief
CVE-2026-47213 boxlite-ai CVE debrief
Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to run untrusted code. In versions 0.8.2 and prior, Boxlite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, Boxlite sends a signal to kill the process. However, instead of using the uncatchable SIGKILL signal, Boxlite uses the catchable SIGALRM signal. Malicious code running inside the sandbox can exploit this vulnerability to continue running after the timeout is triggered, leading to resource exhaustion within the virtual machine and affecting the availability of the Boxlite service.
- Vendor: boxlite-ai
- Product: boxlite
- CVSS: MEDIUM 6.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-11
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-11
Who should care
Users of Boxlite versions 0.8.2 and prior should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability is in the Boxlite sandbox service's timeout enforcement: when a service's timeout expires, Boxlite sends the process the catchable SIGALRM signal rather than the uncatchable SIGKILL signal. Because a process can install a handler for SIGALRM or ignore it, malicious code inside the sandbox can survive the timeout, keep running, and exhaust resources within the virtual machine.
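The following script is an added illustration of the defect described above and is not Boxlite's code; the child program it spawns is a constructed stand-in for sandboxed code that ignores every catchable signal. It assumes a Linux/POSIX host and a Python 3 interpreter. `weak_enforcement()` models the pre-fix behaviour (timeout delivered as SIGALRM), `strict_enforcement()` the corrected behaviour (SIGKILL), and `escalating_enforcement()` the usual production pattern of SIGTERM followed by SIGKILL as a backstop.

```python
import signal
import subprocess
import sys

# Constructed child program standing in for untrusted code in the sandbox.
# It ignores the catchable signals a timeout might use and then sleeps.
# SIG_IGN is the simplest form; any handler that returns has the same effect.
CHILD_SRC = r"""
import signal, time
signal.signal(signal.SIGALRM, signal.SIG_IGN)
signal.signal(signal.SIGTERM, signal.SIG_IGN)
print("ready", flush=True)   # tell the parent the handlers are installed
time.sleep(60)
"""


def start_child() -> subprocess.Popen:
    """Spawn the helper and block until its handlers are in place, so the
    demonstration does not depend on interpreter start-up timing."""
    proc = subprocess.Popen([sys.executable, "-c", CHILD_SRC],
                            stdout=subprocess.PIPE, text=True)
    assert proc.stdout.readline().strip() == "ready"
    return proc


def reap(proc: subprocess.Popen) -> None:
    """Never leave the helper behind, whatever the outcome."""
    if proc.poll() is None:
        proc.kill()
        proc.wait()
    proc.stdout.close()


def enforce_timeout(sig: int, timeout_s: float = 0.5, grace_s: float = 0.5) -> bool:
    """Let the child run for timeout_s, send `sig`, and report whether it is
    gone within grace_s. True means the timeout was actually enforced."""
    proc = start_child()
    try:
        try:
            proc.wait(timeout=timeout_s)
            return True          # finished on its own before the deadline
        except subprocess.TimeoutExpired:
            pass
        proc.send_signal(sig)
        try:
            proc.wait(timeout=grace_s)
            return True
        except subprocess.TimeoutExpired:
            return False         # still alive: the signal was caught or ignored
    finally:
        reap(proc)


def weak_enforcement() -> bool:
    """Pre-fix behaviour the advisory describes: SIGALRM is catchable."""
    return enforce_timeout(signal.SIGALRM)


def strict_enforcement() -> bool:
    """Corrected behaviour: SIGKILL cannot be caught, blocked or ignored."""
    return enforce_timeout(signal.SIGKILL)


def escalating_enforcement(timeout_s: float = 0.5, grace_s: float = 0.5) -> str:
    """Usual production pattern: SIGTERM for a clean shutdown, then SIGKILL
    as the backstop. Returns the name of what ended the child."""
    proc = start_child()
    try:
        try:
            proc.wait(timeout=timeout_s)
            return "exited"
        except subprocess.TimeoutExpired:
            pass
        proc.terminate()                 # SIGTERM: polite, but ignorable
        try:
            proc.wait(timeout=grace_s)
            return "SIGTERM"
        except subprocess.TimeoutExpired:
            proc.kill()                  # SIGKILL: the kernel ends it
            proc.wait()
            return "SIGKILL"
    finally:
        reap(proc)


if __name__ == "__main__":
    print("SIGALRM ended the child:", weak_enforcement())       # False
    print("SIGKILL ended the child:", strict_enforcement())     # True
    print("escalation ended with:", escalating_enforcement())   # SIGKILL
```

The point the advisory makes is visible in the first two results: the same deadline logic either does or does not enforce the timeout depending solely on which signal is sent. The escalating variant is the usual compromise when the workload deserves a chance to clean up, but SIGKILL must remain the final step, since anything catchable is at the mercy of the code being killed.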
Defensive priority
MEDIUM
Recommended defensive actions
- Update to a version of Boxlite that uses the SIGKILL signal for killing processes after a timeout.
- Restrict access to the Boxlite service to trusted users only.
- Monitor Boxlite service logs for suspicious activity.
Evidence notes
The CVE-2026-47213 vulnerability was patched via commit 28159fc.
Official resources
CVE-2026-47213 was published on 2026-06-10T23:16:48.323Z and modified on 2026-06-11T15:21:07.370Z.