GIcon sandbox escape
The Gio.Icon.new_for_string
function is able to create icons based on file paths even for files outside the sandbox.
Since the function throws a Gtk warning if the path is non-existent, is a directory or the file type is invalid, it would be trivial to get all images from the user's computer through brute-forcing.