CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox - VoidSec

CVE-2026-40369 is a critical 12-byte kernel write vulnerability in nt!ExpGetProcessInformation that enables attackers to escape browser sandboxes and escalate privileges to NT AUTHORITY\SYSTEM. By exploiting an unchecked pointer in NtQuerySystemInformation, researchers can bypass security features to forge a system token and execute arbitrary code.