CVE-2026-45313
Summary: Sandboxie-Plus on Windows contains a local privilege escalation in GuiServer.cpp prior to v1.17.6. The GuiServer::WndHookRegisterSlave handler stores attacker-supplied hthread and hproc from GUI_WND_HOOK_REGISTER without validating thread belonging to the sandbox or the function pointer’...