CVE-2026-40599 in clearancekitजानकारी

सारांश

द्वारा MITRE • 21/04/2026

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple process in the global allowlist, and access all protected files. This vulnerability is fixed in 5.0.5.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

जिम्मेदार

GitHub M

आरक्षित करना

14/04/2026

प्रकटीकरण

21/04/2026

संयम

स्वीकृत

प्रविष्टि

VDB-358545

CPE

तैयार

CWE

CWE-863 (पुष्टि की गई)

CVSS

5.3 (VulDB)

EPSS

0.00015

KEV

नहीं

गतिविधियाँ

बहुत कम

स्रोत

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-40599
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-40599
CVE Details	https://www.cvedetails.com/cve/CVE-2026-40599/

◂ पिछला सिंहावलोकन अगला ▸

Do you know our Splunk app?

Download it now for free!