Security Explorations has announced that they have discovered yet another sandbox bypass of Oracle Java and have reported little in the way of details until the vendor fixes the issue. It currently affects all versions of Java. It's probably best to just keep Java off in your browser for now.
37fdc8d80a0b4d0df3960ac7a955595a2cb6e9d1152e90d378fc9a7f71ec1745