Clearancekit

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-40191 MEDIUM This Month

ClearanceKit for macOS prior to version 5.0.4-beta-1f46165 fails to validate destination paths in dual-path file operations (rename, link, copyfile, exchangedata, clone), allowing authenticated local processes to bypass file-access protection and place or replace files in protected directories. The vulnerability affects all versions before 5.0.4-beta-1f46165 and has been patched; no public exploit code or active exploitation has been identified at the time of analysis.

Apple Authentication Bypass Clearancekit

NVD GitHub

CVSS 4.0

6.8

EPSS

0.0%

CVE-2026-40191

EPSS 0% CVSS 6.8

MEDIUM This Month

ClearanceKit for macOS prior to version 5.0.4-beta-1f46165 fails to validate destination paths in dual-path file operations (rename, link, copyfile, exchangedata, clone), allowing authenticated local processes to bypass file-access protection and place or replace files in protected directories. The vulnerability affects all versions before 5.0.4-beta-1f46165 and has been patched; no public exploit code or active exploitation has been identified at the time of analysis.

Apple Authentication Bypass Clearancekit

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy