CVE-2026-34596 | sandboxie-plus Sandboxie up to 1.17.2 on Windows SandMan Interface UpdUtil.exe toctou

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability described as critical has been identified in sandboxie-plus Sandboxie up to 1.17.2 on Windows. Affected by this vulnerability is an unknown functionality of the file UpdUtil.exe of the component SandMan Interface. Executing a manipulation can lead to time-of-check time-of-use.

This vulnerability is registered as CVE-2026-34596. The attack needs to be launched locally. No exploit is available.

Upgrading the affected component is recommended.

CVE-2026-34596 | sandboxie-plus Sandboxie up to 1.17.2 on Windows SandMan Interface UpdUtil.exe toctou

Post correlati

CVE-2024-25503 | Advanced REST Client 17.0.9 New Project cross site scripting

CVE-2024-7889 | Citrix Workspace App prior 2402 LTSR CU1/CR 2405 on Windows Local Privilege Escalation (CTX691485)

CVE-2025-24010 | vitejs vite up to 4.5.5/5.4.11/6.0.8 origin validation

CVE-2026-37748 | Visitor Management System 1.0 admin_user_insert.php move_uploaded_file unrestricted upload