Skip to main content

X Vpn Macos Website

1 CVEs product

Monthly

CVE-2026-2638 HIGH PATCH This Week

Local privilege escalation in X-VPN for macOS (website-distributed versions 77.0 through 77.5) allows a low-privileged local attacker to corrupt privileged files by abusing a race condition (TOCTOU) and symlink manipulation in the quarantine and restore workflow. Discovered and reported by Fluid Attacks, the issue is patched by the vendor; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Apple Information Disclosure X Vpn Macos Website
NVD
CVSS 4.0
7.3
EPSS
0.0%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Local privilege escalation in X-VPN for macOS (website-distributed versions 77.0 through 77.5) allows a low-privileged local attacker to corrupt privileged files by abusing a race condition (TOCTOU) and symlink manipulation in the quarantine and restore workflow. Discovered and reported by Fluid Attacks, the issue is patched by the vendor; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Apple Information Disclosure X Vpn Macos Website
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy