CVSS: 10.0 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-4725 – Sandbox escape due to use-after-free in the Graphics: Canvas2D component
https://notcve.org/view.php?id=CVE-2026-4725
24 Mar 2026 — Sandbox escape due to use-after-free in the Graphics: Canvas2D component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017108 • CWE-416: Use After Free •
CVSS: 9.6 • EPSS: 0% • CPEs: - • EXPL: 0 • CVE-2026-4692 – Sandbox escape in the Responsive Design Mode component
https://notcve.org/view.php?id=CVE-2026-4692
24 Mar 2026 — Sandbox escape in the Responsive Design Mode component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2017643 •
CVSS: 9.6 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-4690 – Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
https://notcve.org/view.php?id=CVE-2026-4690
24 Mar 2026 — Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016375 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-190: Integer Overflow or Wraparound • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 10.0 • EPSS: 0% • CPEs: - • EXPL: 0 • CVE-2026-4689 – Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
https://notcve.org/view.php?id=CVE-2026-4689
24 Mar 2026 — Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016374 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0 • CVE-2026-4688 – Sandbox escape due to use-after-free in the Disability Access APIs component
https://notcve.org/view.php?id=CVE-2026-4688
24 Mar 2026 — Sandbox escape due to use-after-free in the Disability Access APIs component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016373 • CWE-416: Use After Free •
CVSS: 9.6 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2026-4687 – Sandbox escape due to incorrect boundary conditions in the Telemetry component
https://notcve.org/view.php?id=CVE-2026-4687
24 Mar 2026 — Sandbox escape due to incorrect boundary conditions in the Telemetry component. • https://bugzilla.mozilla.org/show_bug.cgi?id=2016368 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 8.8 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2026-4676
https://notcve.org/view.php?id=CVE-2026-4676
24 Mar 2026 — Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html • CWE-416: Use After Free •
CVSS: 7.1 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-27646 – OpenClaw < 2026.3.7 - Sandbox Escape via /acp spawn Command
https://notcve.org/view.php?id=CVE-2026-27646
23 Mar 2026 — OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. • https://vulncheck.com/advisories/openclaw-mar-sandbox-escape-via-acp-spawn-command • CWE-863: Incorrect Authorization •
CVSS: 9.9 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-32048 – OpenClaw < 2026.3.1 - Sandbox Escape via Cross-Agent sessions_spawn
https://notcve.org/view.php?id=CVE-2026-32048
21 Mar 2026 — OpenClaw versions prior to 2026.3.1 fail to enforce sandbox inheritance during cross-agent sessions_spawn operations, allowing sandboxed sessions to create child processes under unsandboxed agents. An attacker with a sandboxed session can exploit this to spawn child runtimes with sandbox.mode set to off, bypassing runtime confinement restrictions. • https://www.vulncheck.com/advisories/openclaw-sandbox-escape-via-cross-agent-sessions-spawn • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2026-32046 – OpenClaw < 2026.2.21 - OS-level Sandbox Bypass via --no-sandbox Flag
https://notcve.org/view.php?id=CVE-2026-32046
21 Mar 2026 — OpenClaw versions prior to 2026.2.21 contain an improper sandbox configuration vulnerability that allows attackers to execute arbitrary code by exploiting renderer-side vulnerabilities without requiring a sandbox escape. • https://www.vulncheck.com/advisories/openclaw-os-level-sandbox-bypass-via-no-sandbox-flag • CWE-1188: Initialization of a Resource with an Insecure Default •
