Sandboxie-plus Sandboxie — known CVE vulnerabilities
Every CVE whose affected-product data names Sandboxie-plus Sandboxie, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2018-18748 — CVSS 10.0 (critical): Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py…
CVE-2025-64721 — CVSS 10.0 (critical): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the…
CVE-2024-49360 — CVSS 9.2 (critical): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user (**UserA**)…
CVE-2026-34464 — CVSS 8.8 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler…
CVE-2026-34459 — CVSS 8.8 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's…
CVE-2026-34458 — CVSS 8.8 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection…
CVE-2026-34461 — CVSS 7.8 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer…
CVE-2026-34462 — CVSS 7.8 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer…
CVE-2025-46713 — CVSS 7.8 (high): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and…
CVE-2025-46714 — CVSS 7.8 (high): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and…
CVE-2025-46715 — CVSS 7.8 (high): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and…
CVE-2026-34596 — CVSS 7.0 (high): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a Time-of-Check-to-Time-of-Us…
CVE-2026-32603 — CVSS 6.5 (medium): Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service…
CVE-2019-25551 — CVSS 6.2 (medium): Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively…
CVE-2025-54422 — CVSS 5.5 (medium): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.1 and below, a…
CVE-2025-46716 — CVSS 5.5 (medium): Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and…
CVE-2026-34527 — CVSS 5.3 (medium): Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword…