Local Denial of Service Vulnerability in Sandboxie Isolation Software
CVE-2026-32603

8.2 HIGH

Key Information:

CVE Published: 5 May 2026

What is CVE-2026-32603?

Sandboxie, open-source isolation software for Windows, has a local denial of service vulnerability in its kernel driver affecting versions 1.17.2 and earlier. An unprivileged process running within a Standard Sandbox can exploit this issue by sending a malformed IOCTL to the \Device\SandboxieDriverApi driver, which crashes the kernel (BSOD). The vulnerability affects both configurations of the Standard Sandbox, regardless of administrator privileges; the Security Hardened Sandbox configuration is unaffected. Users are encouraged to update to version 1.17.3, where this issue has been resolved. Those who cannot update may consider using the Security Hardened Sandbox configuration as a temporary measure.

Affected Version(s)

Sandboxie < 1.17.3

CVSS V4

Score: 8.2
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved