Forshaw sandbox-escape catalogue (Project Zero — multiple Spooler / Search Indexer LPEs)

Attributions are based on open-source threat reports. A family appearing here means at least one syscall record cites it; absence does not imply non-use.