Medium severity6.5NVD Advisory· Published May 5, 2026· Updated May 7, 2026

CVE-2026-32603

Description

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the \Device\SandboxieDriverApi driver, triggering an immediate kernel crash (BSOD). The vulnerability affects the Standard Sandbox configuration both with and without dropped administrator privileges, but does not affect the Security Hardened Sandbox configuration. This issue has been fixed in version 1.17.3. Users who cannot update can use the Security Hardened Sandbox configuration as a workaround.

Affected products

Sandboxie Plus/Sandboxiereferences2 versions
(expand)+ 1 more
- (no CPE)
- cpe:2.3:a:sandboxie-plus:sandboxie:*:*:*:*:plus:*:*:*range: <1.17.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-vvf8-cf4j-v8fvnvdExploitVendor Advisory
github.com/sandboxie-plus/Sandboxie/releases/tag/v1.17.3nvdRelease Notes

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000