36 matches found
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
EUVD-2025-203922
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326
CVE-2025-13326 affects Mattermost Desktop App on macOS versions prior to 6.0.0, failing to enable the Hardened Runtime in Mac App Store builds. This allows an attacker to inherit TCC permissions by copying the binary to a temporary folder. Affected component is the Mattermost Desktop App binary; ...
CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
CVE-2025-13326 Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
Mattermost Desktop App 安全漏洞
Mattermost Desktop App is a messaging desktop application from Mattermost USA. A security vulnerability exists in Mattermost Desktop App versions prior to 6.0.0, which stems from the failure to enable the hardened runtime when packaging for the Mac App Store, and could result in inheriting TCC...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
EUVD-2025-197904
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
CVE-2025-12792
CVE-2025-12792 describes a vulnerability in the Mac App Store distribution of the Canva for Mac desktop app prior to 1.117.1. The issue stems from the app being built without Hardened Runtime, enabling a local threat actor with unprivileged access to execute arbitrary code that inherits the app’s...
CVE-2025-12792
The Mac App Store distribution of the Canva for Mac desktop app before 1.117.1 was built without Hardened Runtime. A local threat actor with unprivileged access could execute arbitrary code that inherits the TCC Transparency, Consent, and Control permissions assigned to Canva...
EUVD-2016-8680
Malware in sbrugna...
EUVD-2022-47508
Malicious code in bioql PyPI...
MAL-2025-2772 Malicious code in macappstore (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0467c582858f86d97b65e2ac8bcbe719cd97323136272b766d45045822a7baab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-44567
A command injection vulnerability exists in Rocket.Chat-Desktop 3.8.14 that could allow an attacker to pass a malicious url of openInternalVideoChatWindow to shell.openExternal, which may lead to remote code execution internalVideoChatWindow.tsL17. To exploit the vulnerability, the internal video...
Apple Removes Several Trend Micro Apps For Collecting MacOS Users' Data
Apple has removed almost all popular security apps offered by well-known cyber-security vendor Trend Micro from its official Mac App Store after they were caught stealing users' sensitive data without their consent. The controversial apps in question include Dr Cleaner, Dr Cleaner Pro, Dr...
British Airways Hack Triggers GDPR Concerns, as World Awaits Windows 0-Day Patch
A swipe of confidential data from almost 400,000 British Airways customers. A string of app takedowns at the Mac App Store after exfiltration findings. A gargantuan data breach at a Chinese hotel chain. An unpatched zero-day Windows bug exploited in the wild. These are some of the security news...