CVE-2025-46713

High CVSS 7.8

Overview

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, API_SET_SECURE_PARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requested, and a buffer overflow. Version 1.15.12 fixes the issue.

CWE: CWE-120 Published: 2025-05-22T13:15:57.650

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.8 (HIGH)
Detected tags: buffer (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags