Escaping the Browser Sandbox via the Windows Kernel Vulnerability CVE-2026-40369

The article examines the vulnerability CVE-2026-40369, which enables a browser sandbox escape due to an error in handling a system call. The author shows how even a limited ability to write to kernel memory can be turned into a full exploitation primitive.

The material подробно demonstrates the exploitation process, including gaining SYSTEM privileges and bypassing security mechanisms. Ultimately, the vulnerability allows an attacker to move from code execution inside the browser to full control over the operating system.

📎 Article: https://voidsec.com/cve-2026-40369-browser-sandbox-escape/

💬 Discuss