Sandboxie-Plus CVE-2026-34464

EUVD-2026-27464 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-05-05 GitHub_M
CVSS 4.0: 8.8

CVSS Vector (NVD)

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline (3)

Patch available: May 05, 2026 - 21:02 (EUVD)
Analysis Generated: May 05, 2026 - 20:31 (vuln.today)
CVSS changed: May 05, 2026 - 20:22 (NVD), 8.8 (HIGH)

Description (NVD)

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fixed WCHAR pipename[160] stack buffer using wcscat without verifying null termination. The handler only enforces a minimum packet size, and since the service pipe accepts variable-length messages, a sandboxed caller can fill the server[48] field with non-zero data and append additional controlled wide characters after the structure. wcscat then reads past the fixed field and overflows the stack buffer in the SYSTEM service. This message is restricted to sandboxed callers, making it a sandbox escape vector. This can lead to a crash of the SbieSvc service or potential code execution as SYSTEM. This issue has been fixed in version 1.17.3.
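The two checks the description says were missing (a size check beyond the minimum, and a terminator inside server[48]) look like this as an added C example; it is not Sandboxie-Plus code or the project's actual fix. The header fields, the prefix string, the function name and the assumption that this request is fixed-size are hypothetical.

```c
#include <stddef.h>
#include <wchar.h>

#define SERVER_CCH   48    /* server[48] field, per the advisory */
#define PIPENAME_CCH 160   /* WCHAR pipename[160] stack buffer, per the advisory */

/* Assumed layout: only the server[48] field is taken from the advisory. */
typedef struct {
    unsigned int length;   /* hypothetical message header */
    unsigned int msgid;    /* hypothetical message header */
    wchar_t server[SERVER_CCH];
} NAMED_PIPE_OPEN_REQ;

enum { REQ_OK = 0, REQ_BAD_SIZE = -1, REQ_UNTERMINATED = -2, REQ_TOO_LONG = -3 };

static const wchar_t PREFIX[] = L"\\\\";   /* hypothetical prefix before the server name */

/* Unsafe pattern described above: check only packet_len >= sizeof(req), then
   wcscat(pipename, req->server), which keeps reading until it finds a NUL. */
int build_pipename(const void *packet, size_t packet_len, wchar_t out[PIPENAME_CCH])
{
    const NAMED_PIPE_OPEN_REQ *req = packet;

    /* Exact size: bytes appended after the structure are rejected. */
    if (packet_len != sizeof(*req))
        return REQ_BAD_SIZE;

    /* The terminator must lie inside the fixed field. */
    const wchar_t *nul = wmemchr(req->server, L'\0', SERVER_CCH);
    if (nul == NULL)
        return REQ_UNTERMINATED;

    size_t server_len = (size_t)(nul - req->server);
    size_t prefix_len = wcslen(PREFIX);
    if (prefix_len + server_len + 1 > PIPENAME_CCH)
        return REQ_TOO_LONG;

    /* Length-bounded copies; the final one includes the terminator. */
    wmemcpy(out, PREFIX, prefix_len);
    wmemcpy(out + prefix_len, req->server, server_len + 1);
    return REQ_OK;
}
```

Either check alone stops the out-of-bounds read: the size check rejects trailing data, and the terminator check bounds the copy to the 48-character field.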

Analysis (AI)

Stack-based buffer overflow in Sandboxie-Plus SbieSvc service enables sandboxed processes to escape isolation and execute code as SYSTEM. Affected versions 1.17.2 and earlier allow malicious sandboxed code to overflow a fixed 160-wide-character stack buffer in NamedPipeServer::OpenHandler via crafted named pipe open requests, bypassing the fundamental security boundary Sandboxie provides. …

Remediation (AI)

Within 24 hours: Identify all systems running Sandboxie-Plus version 1.17.2 or earlier via inventory/endpoint management tools; assess which systems contain critical sandboxed workflows. Within 7 days: Upgrade all instances to Sandboxie-Plus version 1.17.3 or later; prioritize systems that sandbox untrusted or third-party applications. …
