CVSS: 8.8EPSS: %CPEs: -EXPL: 0CVE-2026-0757 – MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2026-0757
09 Jan 2026 — This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. ... An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code in the context of the current process at medium integrity. •
CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0CVE-2025-69234
https://notcve.org/view.php?id=CVE-2025-69234
30 Dec 2025 — Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment. • https://cve.naver.com/detail/cve-2025-69234.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-68668 – n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node
https://notcve.org/view.php?id=CVE-2025-68668
26 Dec 2025 — From version 1.0.0 to before 2.0.0, a sandbox bypass vulnerability exists in the Python Code Node that uses Pyodide. ... Workarounds for this issue involve disabling the Code Node by setting the environment variable NODES_EXCLUDE: "[\"n8n-nodes-base.code\"]", disabling Python support in the Code node by setting the environment variable N8N_PYTHON_ENABLED=false, which was introduced in n8n version 1.104.0, and configuring n8n to use the task runner based Python sandbox via the N8N_RUNNER... • https://github.com/n8n-io/n8n/security/advisories/GHSA-62r4-hw23-cc8v • CWE-693: Protection Mechanism Failure •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-14372 – openSUSE Security Advisory - openSUSE-SU-2025-20161-1
https://notcve.org/view.php?id=CVE-2025-14372
12 Dec 2025 — Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. • https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-66419 – MaxKB vulnerable to privilege escalation through sandbox bypass
https://notcve.org/view.php?id=CVE-2025-66419
11 Dec 2025 — In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. • https://github.com/1Panel-dev/MaxKB/commit/f8ada9a110c4dbef8c3c2636c78847ecd621ece7 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-64721 – Sandboxie's Integer Overflow in SbieIniServer::RC4Crypt allows sandbox escape and SYSTEM compromise
https://notcve.org/view.php?id=CVE-2025-64721
11 Dec 2025 — Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. • https://github.com/sandboxie-plus/Sandboxie/commit/000492f8c411d24292f1b977a107994347bc7dfa • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14333 – Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
https://notcve.org/view.php?id=CVE-2025-14333
09 Dec 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639 •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-14331 – Same-origin policy bypass in the Request Handling component
https://notcve.org/view.php?id=CVE-2025-14331
09 Dec 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=2000218 • CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14330 – JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2025-14330
09 Dec 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=1997503 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-686: Function Call With Incorrect Argument Type CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14329 – Privilege escalation in the Netmonitor component
https://notcve.org/view.php?id=CVE-2025-14329
09 Dec 2025 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=1997018 •