Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2025-66479 | Mondoo Vulnerability Intelligence

CVE-2025-66479

LOW1.8

Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing

Published Dec 4, 2025

Modified 1 months ago

No fix available

Details

Anthropic Sandbox Runtime is a lightweight sandboxing tool for enforcing filesystem and network restrictions on arbitrary processes at the OS level, without requiring a container. Prior to 0.0.16, due to a bug in sandboxing logic, sandbox-runtime did not properly enforce a network sandbox if the sandbox policy did not configure any allowed domains. This could allow sandboxed code to make network requests outside of the sandbox. A patch for this was released in v0.0.16.

References

WEBhttps://github.com/anthropic-experimental/sandbox-runtime/commit/bea2930cc1db9c73a1b15acf6dc19c5261aec1f3 WEBhttps://github.com/anthropic-experimental/sandbox-runtime/security/advisories/GHSA-9gqj-5w7c-vx47 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-66479

CVSS Analysis

CVSS v4.0

1.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Attack Requirements

PresentAT:P

Privileges Required

HighPR:H

User Interaction

NoneUI:N

Vulnerable System

Vuln. Confidentiality

LowVC:L

Vuln. Integrity

NoneVI:N

Vuln. Availability

NoneVA:N

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

NoneSI:N

Subseq. Availability

NoneSA:N

1.8/CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedDec 4, 2025

ModifiedDec 5, 2025