CVE-2025-46716

Name of the Vulnerable Software and Affected Versions Sandboxie versions 1.3.0 through 1.15.12

Description The issue arises from the failure of Api SetSecureParam to sanitize incoming pointers, implicitly trusting the pointer passed by the user as safe to read from. This allows SetRegValue to read an arbitrary address, potentially a kernel pointer, into a HKLM Security SBIE registry value, which can later be retrieved by API GET SECURE PARAM.

Recommendations For versions prior to 1.15.12, update to version 1.15.12 to resolve the issue. As a temporary workaround, consider restricting access to the Api SetSecureParam and SetRegValue functions until the update is applied.