CVE-2026-11634

CVE-2026-11634 describes a use-after-free in Chrome’s Gamepad handling on Windows, exploitable via a crafted HTML page to potentially escape the Chromium sandbox. Affected: Google Chrome on Windows, prior to version 149.0.7827.103. Impact: remote attacker could achieve sandbox escape with a high ...

CVE-2026-10971

Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10940

Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10913

Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-9890

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9937

Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

The incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

EUVD-2026-27464

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...

CVE-2026-32603

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the...

Sandboxie Plus code issue and vulnerabilities

Sandboxie Plus is an open-source Windows sandboxing tool developed by Sandboxie Plus. Version 0.7.2 of Sandboxie Plus has a code vulnerability; this vulnerability stems from a service path in the SbieSvc service that lacks quotation marks, which may allow local attackers to execute code with...

Gen Digital Antivirus 安全漏洞

Gen Digital Antivirus is an antivirus software from Gen Digital, Inc. A security vulnerability exists in Gen Digital Antivirus versions prior to 25.3, which stems from a double-acquisition issue in the Windows Sandbox kernel driver that could lead to a local attacker achieving elevation of...

CVE-2025-61303

Hatching Triage Sandbox Windows 10 build 2004 2025-08-14 and Windows 10 LTSC 20212025-08-14 contains a vulnerability in its Windows behavioral analysis engine that allows a submitted malware sample to evade detection and cause denial-of-analysis. The vulnerability is triggered when a sample...

CVE-2025-61303

Hatching Triage Sandbox Windows 10 build 2004 2025-08-14 and Windows 10 LTSC 20212025-08-14 contains a vulnerability in its Windows behavioral analysis engine that allows a submitted malware sample to evade detection and cause denial-of-analysis. The vulnerability is triggered when a sample...

CVE-2025-61303

Hatching Triage Sandbox Windows 10 build 2004 2025-08-14 and Windows 10 LTSC 20212025-08-14 contains a vulnerability in its Windows behavioral analysis engine that allows a submitted malware sample to evade detection and cause denial-of-analysis. The vulnerability is triggered when a sample...

Exploit for CVE-2025-61303

CVE-2025-61303 - RecordedFuture Triage: Denial-Of-Analysis via...

EUVD-2016-0045

Malware in sbrugna...

EUVD-2019-3364

Malware in sbrugna...

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2019-11694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an...