CVE-2026-32603

medium
Published 2026-05-05 · Modified 2026-05-07
CVSS v3
6.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVSS v2
VIR risk
6.5

Description

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the \Device\SandboxieDriverApi driver, triggering an immediate kernel crash (BSOD). The vulnerability affects the Standard Sandbox configuration both with and without dropped administrator privileges, but does not affect the Security Hardened Sandbox configuration. This issue has been fixed in version 1.17.3. Users who cannot update can use the Security Hardened Sandbox configuration as a workaround.
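The advisory does not say which check the driver omits, only that a malformed IOCTL from a sandboxed process reaches the kernel and crashes it, which is the CWE-20 pattern this entry is filed under. The block below is an added illustration of that pattern, not Sandboxie's driver code: a user-mode model of a METHOD_BUFFERED IOCTL handler, once trusting the caller-supplied length and fields, once validating them. The control code, request structure, table and status names are all hypothetical, and the kernel page fault is modeled as a returned status instead of being taken.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration of the CWE-20 pattern behind "malformed IOCTL -> kernel
 * crash". Every name, control code and structure is hypothetical; this is not
 * Sandboxie's driver code and does not describe its actual defect. */

#define IOCTL_EXAMPLE_SET_SLOT 0x800u   /* hypothetical control code */
#define SLOT_COUNT 16u

typedef struct {
    uint32_t version;   /* caller's protocol version, must be 1 */
    uint32_t slot;      /* index into a fixed-size kernel table */
    uint32_t value;
} set_slot_request_t;

/* The fields a dispatch routine reads from the IRP and its stack location. */
typedef struct {
    uint32_t control_code;   /* IrpSp->Parameters.DeviceIoControl.IoControlCode */
    uint8_t *system_buffer;  /* Irp->AssociatedIrp.SystemBuffer */
    size_t   input_length;   /* IrpSp->Parameters.DeviceIoControl.InputBufferLength */
} irp_model_t;

typedef enum {
    STATUS_SUCCESS = 0,
    STATUS_INVALID_DEVICE_REQUEST,
    STATUS_BUFFER_TOO_SMALL,
    STATUS_INVALID_PARAMETER,
    MODELED_BUGCHECK   /* stands in for the page fault that would BSOD the box */
} status_t;

static uint32_t g_slots[SLOT_COUNT];

/* Stand-in for the kernel touching memory through a caller-influenced index:
 * an out-of-range index is reported as a bugcheck instead of faulting here. */
static status_t write_slot(uint32_t slot, uint32_t value) {
    if (slot >= SLOT_COUNT) return MODELED_BUGCHECK;
    g_slots[slot] = value;
    return STATUS_SUCCESS;
}

/* Vulnerable: casts SystemBuffer to the request type without checking that the
 * caller supplied enough bytes, then uses a field it never range-checked. */
static status_t handle_vulnerable(const irp_model_t *irp) {
    if (irp->control_code != IOCTL_EXAMPLE_SET_SLOT) return STATUS_INVALID_DEVICE_REQUEST;
    const set_slot_request_t *req = (const set_slot_request_t *)irp->system_buffer;
    return write_slot(req->slot, req->value);   /* CWE-20: length and slot unchecked */
}

/* Hardened: length checked before the cast, input copied once, every field
 * validated before it influences any kernel memory access. */
static status_t handle_hardened(const irp_model_t *irp) {
    if (irp->control_code != IOCTL_EXAMPLE_SET_SLOT) return STATUS_INVALID_DEVICE_REQUEST;
    if (irp->system_buffer == NULL || irp->input_length < sizeof(set_slot_request_t))
        return STATUS_BUFFER_TOO_SMALL;
    set_slot_request_t req;
    memcpy(&req, irp->system_buffer, sizeof req);
    if (req.version != 1) return STATUS_INVALID_PARAMETER;
    if (req.slot >= SLOT_COUNT) return STATUS_INVALID_PARAMETER;
    return write_slot(req.slot, req.value);
}

/* Modeled pool allocation: large enough to hold the struct so an over-read lands
 * on 0xCC poison (standing in for stale pool contents) rather than undefined
 * memory. Only input_length bytes come from the caller. Constructed input. */
typedef union {
    set_slot_request_t req;
    uint8_t bytes[sizeof(set_slot_request_t)];
} pool_block_t;

static status_t dispatch(int hardened, const void *input, size_t input_length) {
    pool_block_t block;
    memset(block.bytes, 0xCC, sizeof block.bytes);
    if (input_length > sizeof block.bytes) input_length = sizeof block.bytes;
    memcpy(block.bytes, input, input_length);
    irp_model_t irp = { IOCTL_EXAMPLE_SET_SLOT, block.bytes, input_length };
    return hardened ? handle_hardened(&irp) : handle_vulnerable(&irp);
}

status_t scenario_short_input(int hardened) {   /* caller sends only the version field */
    uint32_t version_only = 1;
    return dispatch(hardened, &version_only, sizeof version_only);
}

status_t scenario_bad_slot(int hardened) {      /* right length, slot past the table */
    set_slot_request_t req = { 1, SLOT_COUNT + 7, 0xBEEF };
    return dispatch(hardened, &req, sizeof req);
}

status_t scenario_well_formed(int hardened) {   /* a valid request */
    set_slot_request_t req = { 1, 3, 0x1234 };
    return dispatch(hardened, &req, sizeof req);
}

uint32_t slot_value(uint32_t slot) { return slot < SLOT_COUNT ? g_slots[slot] : 0; }

int main(void) {
    printf("short input: vulnerable=%d hardened=%d\n", scenario_short_input(0), scenario_short_input(1));
    printf("bad slot:    vulnerable=%d hardened=%d\n", scenario_bad_slot(0), scenario_bad_slot(1));
    printf("well-formed: hardened=%d slot[3]=0x%x\n", scenario_well_formed(1), (unsigned)slot_value(3));
    return 0;
}
```

The two inputs that reach the modeled bugcheck through the vulnerable handler (a truncated request and a well-sized one carrying an out-of-range index) are both rejected with an ordinary error status by the hardened one; that is the whole difference between a bad IOCTL returning an error to the sandboxed caller and it taking the machine down. The single memcpy into a local copy is deliberate: for METHOD_BUFFERED the SystemBuffer is already a kernel copy, but validating a local snapshot rather than re-reading the buffer is the habit that also survives a later switch to METHOD_NEITHER, where the caller can change the bytes between check and use.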

Predictions

Exploit likelihood
65%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: security-advisories@github.com — https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-vvf8-cf4j-v8fv

vendor Authored 2026-05-27

Vendor release (fixed version 1.17.3): security-advisories@github.com — https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.3

Application impact

Vendor          Product     Versions affected           Fixed
sandboxie-plus  sandboxie   < 1.17.3 (endExcluding)     1.17.3

References

CWEs

CWE-20 (Improper Input Validation)
