PatchSiren

sandboxie-plus CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH sandboxie-plus CVE published 2026-07-15

CVE-2026-45313

CVE-2026-45313 is a high-severity vulnerability in Sandboxie-Plus, a sandbox-based isolation software for Windows. The vulnerability exists in the GuiServer::WndHookRegisterSlave and GuiServer::WndHookNotifySlave functions, which store and use attacker-supplied thread and function pointers without proper validation. This allows a sandboxed process to execute arbitrary code in an unsandboxed host process w [truncated]