HomeCVE Intelligence › CVE-2026-46640
CVSS 8.0 HIGH 🔴 ACTIVELY EXPLOITED Vulnerability

CVE-2026-46640: Developing payloads for Twig sandbox bypass

<!-SC_OFF --><div class="md"><p>I recently learned about multiple sandbox bypasses discovered in Twig by project Glasswing. From the descriptions, only CVE-2026-46640 and CVE-2026-46633 seeme…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-46640
Vendorreddit_netsec
Affected ProductThreat Intelligence
Vulnerability TypeVulnerability
CVSS Score8.0 (HIGH)
Actively Exploited✅ Yes
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via reddit_netsec)

🔬 Technical Analysis

<!-- SC_OFF --><div class="md"><p>I recently learned about multiple sandbox bypasses discovered in Twig by project Glasswing. From the descriptions, only CVE-2026-46640 and CVE-2026-46633 seemed universally exploitable, so I decoded to research them. This writeup documents my development of payloads for the CVE-2026-46640 and the corresponding SSTImap module.</p> </div><!-- SC_ON -->   submitted by   <a href="https://www.reddit.com/user/vladko312"> /u/vladko312 </a> <br/> <span><a href="https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128">[link]</a></span>   <span><a href="https://www.reddit.com/r/netsec/comments/1tywxh9/cve2026466

🎯 Known Indicators of Compromise

{"type":"md5","value":"39507beaa58eacf3b62e6a6e6cd69128","confidence_score":0.85,"first_seen":"2026-06-09","source_count":1} {"type":"url","value":"https://www.reddit.com/user/vladko312">","confidence_score":0.82,"first_seen":"2026-06-09","source_count":1} {"type":"url","value":"https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128">[link]</a></spa","confidence_score":0.82,"first_seen":"2026-06-09","source_count":1} {"type":"url","value":"https://www.reddit.com/r/netsec/comments/1tywxh9/cve202646640_developing_payloads_for_twig_sandbox/&","confidence_score":0.82,"first_seen":"2026-06-09","source_count":1} {"type":"domain","value":"www.reddit.com","confidence_score":0.75,"first_seen":"2026-06-09","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-46640 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence