An exploit chain is a sequence of vulnerabilities or weaknesses combined to produce a larger result than any single bug would allow. One flaw may only leak information, bypass a sandbox, or give partial control, while the next flaw turns that foothold into code execution, privilege escalation, or full system compromise.
Exploit chains matter because modern systems often have layered defenses, so attackers rarely rely on one defect alone. In real attacks, a chain may link a browser bug to a memory-corruption issue, or a container escape to a misconfiguration. Defenders look for chains by reducing attack surface, patching quickly, hardening permissions, and monitoring for unusual transitions between trust boundaries. Breaking any link can stop the whole attack.