Byte Open Security

(ByteOS Network)

Vulnerability Details :

CVE-2026-34527

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-05 May, 2026 | 19:33
Updated At-06 May, 2026 | 12:23
Rejected At-
Credits

Sandboxie-Plus EditPassword hash entropy reduced from 160 bits to 80 bits due to incorrect nibble extraction

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit value. As a result, the stored EditPassword hash only preserves the low nibble of each digest byte, reducing the effective entropy from 160 bits to 80 bits. This is layered on top of an unsalted SHA-1 scheme. The reduced entropy makes leaked or backed-up password hashes materially easier to brute-force. This issue has been fixed in version 1.17.3.
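The nibble-extraction defect described above, reproduced as an added C++ example. This is illustrative code written for this page, not Sandboxie's HashPassword source: the digest bytes are constructed sample values (not the SHA-1 of any password), the function names are assumed, and the check at the end is one way a defender could flag stored hashes that were written by the vulnerable encoder and therefore need re-hashing after upgrading to 1.17.3.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

// Constructed 20-byte stand-in for a SHA-1 digest. The bytes are arbitrary
// sample values, NOT the SHA-1 of any real password.
static const std::vector<uint8_t> kSampleDigest = {
    0xDE, 0xAD, 0xBE, 0xEF, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB,
    0xCD, 0xEF, 0xF0, 0x0F, 0x7A, 0xA7, 0x10, 0x01, 0xFF, 0x00};

static const char kHexDigits[] = "0123456789ABCDEF";

// Hypothetical reconstruction of the defect the advisory describes (not
// Sandboxie's own source): the high nibble is taken with ">> 8". For an
// 8-bit value that shift always yields 0, so the first hex character of
// every byte is '0' and only the low nibble survives.
std::string HexEncodeBuggy(const std::vector<uint8_t>& digest) {
    std::string out;
    for (uint8_t b : digest) {
        out += kHexDigits[(b >> 8) & 0x0F];  // always '0' for an 8-bit value
        out += kHexDigits[b & 0x0F];
    }
    return out;
}

// Correct conversion: the high nibble is ">> 4", so both nibbles reach the
// output and all 160 digest bits are preserved.
std::string HexEncodeFixed(const std::vector<uint8_t>& digest) {
    std::string out;
    for (uint8_t b : digest) {
        out += kHexDigits[(b >> 4) & 0x0F];
        out += kHexDigits[b & 0x0F];
    }
    return out;
}

// Flip every high nibble of a digest. Under the buggy encoder the result is
// indistinguishable from the original: 16^20 distinct digests collapse onto
// each stored hash, which is exactly the 160 -> 80 bit reduction.
std::vector<uint8_t> FlipHighNibbles(const std::vector<uint8_t>& digest) {
    std::vector<uint8_t> out(digest);
    for (uint8_t& b : out) b = static_cast<uint8_t>(b ^ 0xF0);
    return out;
}

// Defender-side check for a stored 40-char hex hash: if every even-indexed
// character is '0', the value was almost certainly written by the buggy
// encoder (a genuine SHA-1 shows that pattern with probability 16^-20), so
// the password should be re-hashed under the fixed version.
bool LooksNibbleTruncated(const std::string& hex) {
    if (hex.size() != 40) return false;
    for (size_t i = 0; i < hex.size(); i += 2) {
        if (hex[i] != '0') return false;
    }
    return true;
}

// Effective entropy of a stored hash string: 4 bits per hex character that
// can actually vary. A truncated hash keeps only 20 of its 40 characters.
size_t EffectiveEntropyBits(const std::string& hex) {
    const size_t chars = hex.size();
    if (LooksNibbleTruncated(hex)) return (chars / 2) * 4;  // low nibbles only
    return chars * 4;
}

int main() {
    const std::string buggy = HexEncodeBuggy(kSampleDigest);
    const std::string fixed = HexEncodeFixed(kSampleDigest);
    std::cout << "buggy: " << buggy << " (" << EffectiveEntropyBits(buggy) << " bits)\n"
              << "fixed: " << fixed << " (" << EffectiveEntropyBits(fixed) << " bits)\n"
              << "buggy encoding of high-nibble-flipped digest: "
              << HexEncodeBuggy(FlipHighNibbles(kSampleDigest)) << "\n";
    return 0;
}
```

The detector is only a heuristic for triage: it tells an administrator which stored EditPassword values predate the fix and should be reset, and it does nothing to strengthen them in place.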

Vendors
-
Not available
Products
-
Metrics (CVSS)
Version / Base score / Base severity / Vector
Weaknesses
Attack Patterns
Solution/Workaround
References
Hyperlink / Resource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:05 May, 2026 | 19:33
Updated At:06 May, 2026 | 12:23
Rejected At:
▼CVE Numbering Authority (CNA)
Affected Products
Vendor
sandboxie-plus
Product
Sandboxie
Versions
Affected
  • < 1.17.3
Problem Types
Type: CWE
CWE ID: CWE-328
Description: CWE-328: Use of Weak Hash
Metrics
Version: 4.0
Base score: 2.0
Base severity: LOW
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC ID / Description
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
Event / Date
Replaced By

Rejected Reason

References
Hyperlink: https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-w37h-qm9p-h4x2
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
Version / Base score / Base severity / Vector
Metrics Other Info
Impacts
CAPEC ID / Description
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
Event / Date
Replaced By

Rejected Reason

References
Hyperlink: https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-w37h-qm9p-h4x2
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:05 May, 2026 | 20:16
Updated At:08 May, 2026 | 19:17


CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Secondary
Version: 4.0
Base score: 2.0
Base severity: LOW
Vector:
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CPE Matches

Vendor: sandboxie-plus
Product: sandboxie
Versions: before 1.17.3 (exclusive)
CPE: cpe:2.3:a:sandboxie-plus:sandboxie:*:*:*:*:plus:*:*:*
Weaknesses
CWE ID: CWE-328
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
Hyperlink: https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-w37h-qm9p-h4x2
Source: security-advisories@github.com
Resource:
Mitigation
Vendor Advisory
Hyperlink: https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-w37h-qm9p-h4x2
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Mitigation
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3Records found

CVE-2022-29835
Matching Score-4
Assigner-Western Digital
CVSS Score-5.3 (MEDIUM)
EPSS-0.08% / 22.89%
7 Day CHG-~0.00%
Published-19 Sep, 2022 | 19:43
Updated-03 Aug, 2024 | 06:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WD Discovery's Use of Weak Hashing Algorithm for Code Signing

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An attacker could use this weakness to create forged certificate signatures due to the use of a hashing algorithm that is not collision-free. This could thereby impact the confidentiality of user content. This issue affects: Western Digital WD Discovery WD Discovery Desktop App versions prior to 4.4.396 on Mac; WD Discovery Desktop App versions prior to 4.4.396 on Windows.

Action-Not Available
Vendor-Western Digital Corp.
Product-wd_discovery (WD Discovery)
CWE ID-CWE-328
Use of Weak Hash
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2024-34914
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3 (MEDIUM)
EPSS-0.07% / 20.13%
7 Day CHG-~0.00%
Published-14 May, 2024 | 15:14
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

php-censor v2.1.4 and fixed in v.2.1.5 was discovered to utilize a weak hashing algorithm for its remember_key value. This allows attackers to brute-force the remember_key value to gain access to accounts that have checked "remember me" when logging in.

Action-Not Available
Vendor-n/a (php-censor)
Product-n/a (php-censor)
CWE ID-CWE-328
Use of Weak Hash
CVE-2023-0452
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8 (CRITICAL)
EPSS-0.10% / 28.00%
7 Day CHG-~0.00%
Published-26 Jan, 2023 | 20:39
Updated-16 Jan, 2025 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A configuration file that is accessible without authentication uses MD5 hashes for encrypting credentials, including those of administrators and technicians.

Action-Not Available
Vendor-econolite (Econolite)
Product-eos (EOS)
CWE ID-CWE-328
Use of Weak Hash
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm