Show HN: CVE-2026-40369 Windows Kernel Arbitrary Write Chrome SBX

Category: security

Tags: windows-kernel, privilege-escalation, kaslr-bypass

Score: 7.0/10 (Innovation: 8, Technical: 9, Documentation: 5, Utility: 6)

This project discloses a critical Windows kernel arbitrary write vulnerability (CVE-2026-40369) and provides a proof-of-concept exploit that bypasses KASLR and Chrome's sandbox for privilege escalation. It is technically impressive, demonstrating a novel bypass of heavily-audited syscall paths, though it remains niche for security researchers and exploit developers.

Target audience: security researchers, exploit developers

Repository: https://pwn2nimron.com/blog · C · MIT · 191 stars

View on Hacker News